node-flowdock Fix for 2 vulnerable dependency paths

Fix for 2 vulnerable dependency paths

Open snyk-community opened this issue 8 years ago • 2 comments

node-flowdock currently has a 2 vulnerable dependency paths, introducing 2 different types of known vulnerabilities.

This PR fixes vulnerable dependencies.

ReDOS vulnerability in the hawk dependency.
remote memory exposure vulnerability in the request dependency.

You can see Snyk test report of this project for details.

This PR changes Package.json to upgrade request to the newer 2.74.0 version, and will fix all the vulnerabilities. You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.

Stay Secure, The Snyk Team

Oct 18 '16 10:10 snyk-community

please :)

Nov 20 '18 22:11 CpuID

@snyk-community any chance you can fix the merge conflict to make this an easier action for the maintainers?

Nov 20 '18 22:11 CpuID

node-flowdock node-flowdock copied to clipboard

Fix for 2 vulnerable dependency paths

node-flowdock
node-flowdock copied to clipboard