High Security Vulnerability

apigee-127 / swagger-tools

A Node.js and browser module that provides tooling around Swagger.

MIT License

701 stars 373 forks source link

High Security Vulnerability #559

Closed alcatwize closed 6 years ago

alcatwize commented 6 years ago

Swagger-tools uses a version of "string" that has a a high security vulnerability. Affected versions of string (3.3.3 and before), are vulnerable to regular expression denial of service.

daka1510 commented 6 years ago

see https://github.com/apigee-127/swagger-tools/pull/542

whitlockjc commented 6 years ago

Duplicate.