NPM Vulnerability - Githubissues

aacerox / node-rest-client

REST API client from node.js

MIT License

376 stars 132 forks source link

NPM Vulnerability #193

Open RecaMedia opened 6 years ago

RecaMedia commented 6 years ago

Hi just wanted to mention this is what my NPM audit provided and wanted to pass along the information.

  Low             Regular Expression Denial of Service
  Package         debug
  Patched in      >= 2.6.9 < 3.0.0 || >= 3.1.0
  Dependency of   paypal-permissions-sdk
  Path            paypal-permissions-sdk > node-rest-client > debug
  More info       https://nodesecurity.io/advisories/534

Please update when possible. Thanks!

jkaeser commented 5 years ago

See https://github.com/aacerox/node-rest-client/pull/164... looks unlikely this will be resolved.

coderextreme commented 5 years ago

Is there an alternate package which doesn't have the vunerability?