nuts icon indicating copy to clipboard operation
nuts copied to clipboard

Published 20 hours ago verified publisher icon GitbookIO

Fix for vulnerable dependency path

Open snyk-community opened this issue 8 years ago • 1 comments

nuts currently has a 5 vulnerable dependency paths, introducing 2 different types of known vulnerabilities.

This PR fixes vulnerable dependency, remote memory exposure vulnerability in the request dependency.

You can see Snyk test report of this project for details.

This PR changes Package.json to upgrade request to the newer 2.74.0 version, and will fix the vulnerability listed above. You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.

Note this PR fixes all the vulnerabilities introduced trough request dependency, in order to be vulnerability free you will need to upgrade octocat,analytics-node and body-parser dependencies as well.

Stay Secure, The Snyk Team

snyk-community avatar Oct 06 '16 12:10 snyk-community

Hi, I merged the project to a new repo to start maintain it, I would be glad if you can put your pull request here : https://github.com/loprima-l/nuts-2

loprima-l avatar Apr 08 '23 22:04 loprima-l