node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

appbaseio / reactivesearch

Search UI components for React and Vue

https://opensource.appbase.io/reactivesearch

Apache License 2.0

4.89k stars 471 forks source link

Open atishayjainmono opened 2 years ago

atishayjainmono commented 2 years ago

manishgadhock-monotype commented 2 years ago

mohdashraf010897 commented 2 years ago

https://github.com/appbaseio/reactivesearch/pull/1900 The PR updates the appbase-js which uses the patched version of node-fetch addressing the above vulnerability.