express-interceptor icon indicating copy to clipboard operation
express-interceptor copied to clipboard

Published 20 hours ago verified publisher icon axiomzen

Security Vulnerabilities with debug 2.2.0

Open abhishek1191 opened this issue 4 years ago • 1 comments

Hi @flockonus , There are some security vulnerabilities with debug 2.2.0. We are currently using express-interceptor and it is very useful for us. The issues have been fixed with 2.6.9. I can raise a pull request to upgrade it to version 2.6.9. Please let me know if you can approve that. That'll help us with resolving these issues

abhishek1191 avatar Nov 09 '20 12:11 abhishek1191

Hey @abhishek1191 I'm not an admin of the repo anymore, suggest checking with @EricLin2004 or @pierrebeugnot . Sending a PR with a dependency update seems straight forward, also could be good to link to the issue with debug, without a reference I have a hard time to imagine how this would turn into something critical.

flockonus avatar Nov 09 '20 17:11 flockonus