This PR changes Package.json to upgrade request to the newer 2.74.0 version, and will fix the vulnerability listed above.
You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.
Note this PR fixes all the vulnerabilities introduced trough request dependency, in order to be vulnerability free you will need to upgrade other dependencies as well.
Mango currently has a 4 vulnerable dependency paths, introducing 3 different types of known vulnerabilities.
This PR fixes vulnerable dependencies, remote memory exposure vulnerability in the
requestdependency, ReDos vulnerability in thehawkdependency.You can see Snyk test report of this project for details.
This PR changes
Package.jsonto upgraderequestto the newer 2.74.0 version, and will fix the vulnerability listed above. You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.Note this PR fixes all the vulnerabilities introduced trough
requestdependency, in order to be vulnerability free you will need to upgrade other dependencies as well.Stay Secure, The Snyk Team