express-mongo-db

dependencies updated

Open punund opened this issue 5 years ago • 3 comments

punund Apr 13 '20 15:04

This pull request resolves a high-severity DDOS vulnerability: https://npmjs.com/advisories/1203

Please merge!

npm audit

                       === npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Denial of Service                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ mongodb                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.1.13                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ express-mongo-db                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ express-mongo-db > mongodb                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1203                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 high severity vulnerability in 630 scanned packages
  1 vulnerability requires manual review. See the full report for details.

emcniece May 08 '20 06:05

I would also be interested in seeing this updated. If the owner can't update it, I'll publish a new version of this package myself and post it here so others can use it.

devksingh4 Jul 10 '20 14:07

Actually, seeing that it's under the MIT license, I decided to go ahead and implement these changes here: https://www.npmjs.com/package/mongo-express-req

devksingh4 Jul 10 '20 15:07