Open girishghoda opened 1 year ago
Hey @girishghoda,
We're part of a startup called Seal Security that mitigates software vulnerabilities in older open source versions by backporting/creating standalone security patches - enabling more straightforward remediation in cases like this. We created an bson@1.0.9-sp1
that's vulnerability-free. As with all of our patches, it's open-source and available for free.
If relevant, check out our GitHub repo if you wish to learn more, or start using our app - it's free to use for open-source projects!.
Please feel free to reach us at info@seal.security if you have any requests/questions.
Title
Snyk vulnerabilities
Description
There are multiple Snyk vulnerabilities in dependencies used in Chatbot.Listed below
Critical
High
Some other info
express-sessions NPM was last updated 7 years ago and most of the vulnerabilities introduced from this dependency