Closed zvictor closed 6 years ago
I couldn't find anyone reporting this yet, which is weird to me, so here it goes:
This package fails the NSP check because debug < 2.6.9 is vulnerable to regular expression denial of service.
debug < 2.6.9
the debug package needs to be updated to at least version 2.6.9.
debug
2.6.9
@zvictor Thanks for reporting this, the issue is that old version of debug module, I will update and push a new release.
Fixed here and will soon be out in new release.
thank you so much for the quick reply :)
I couldn't find anyone reporting this yet, which is weird to me, so here it goes:
This package fails the NSP check because
debug < 2.6.9
is vulnerable to regular expression denial of service.the
debug
package needs to be updated to at least version2.6.9
.