github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Creative Commons Attribution 4.0 International

[GHSA-3h5v-q93c-6h6q] ws affected by a DoS when handling a request with many HTTP headers #4571

Closed patmmccann closed 3 days ago

patmmccann commented 3 days ago

Updates

Comments

I'm not sure how to fix, but https://github.com/prebid/Prebid.js/security/dependabot/152 is not generating a PR despite reporting being able to upgrade to patched version 7.5.10. The security advisory says the earliest fixed version is in 8.17.1 and fails to generate a pull request.

github commented 3 days ago

Hi there @lpinca! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory.

JonathanLEvans commented 3 days ago

Hi @patmmccann, sounds like you are looking for help with Dependabot rather than an update to the advisory. In that case, please contact GitHub support for help.