swagger-stats icon indicating copy to clipboard operation
swagger-stats copied to clipboard
verified publisher icon slanatech

Fastify -> find-my-way vulnerability

Open awildeep opened this issue 1 year ago • 0 comments

swagger-stats currently depends on a version of fastify with a high severity vulnerability/

➜ npm audit
# npm audit report

find-my-way  <8.2.2
Severity: high
find-my-way has a ReDoS vulnerability in multiparametric routes - https://github.com/advisories/GHSA-rrr8-f88r-h8q6
fix available via `npm audit fix --force`
Will install @types/[email protected], which is a breaking change
node_modules/find-my-way
  fastify  0.17.0 - 4.25.2
  Depends on vulnerable versions of find-my-way
  node_modules/fastify
    @types/swagger-stats  >=0.95.5
    Depends on vulnerable versions of fastify
    node_modules/@types/swagger-stats

awildeep avatar Sep 20 '24 16:09 awildeep