node-jira icon indicating copy to clipboard operation
node-jira copied to clipboard

Published 20 hours ago verified publisher icon steves

Remote Memory Exposure Vulnerability

Open pbnj opened this issue 7 years ago • 0 comments

The version of request package being used here ("request": "<2.16.0") is vulnerable to remote memory exposure attack.

This has been patched up in later versions of request package.

Remediation is as simple as upgrading the dependency to version 2.68.0 or higher.

More information:

  • https://snyk.io/vuln/npm:request:20160119
  • https://github.com/request/request/pull/2018

pbnj avatar Feb 13 '17 23:02 pbnj