loggly / node-loggly-bulk

A client implementation for Loggly in node.js
https://www.loggly.com/docs/node-js-logs/

WS-2018-0148 (Low) detected in utile-0.2.1.tgz #51

Closed mend-for-github-com[bot] closed 3 years ago

mend-for-github-com[bot] commented 3 years ago

WS-2018-0148 - Low Severity Vulnerability

Vulnerable Library - utile-0.2.1.tgz

A drop-in replacement for `util` with some additional advantageous functions

Library home page: https://registry.npmjs.org/utile/-/utile-0.2.1.tgz

Path to dependency file: node-loggly-bulk/package.json

Path to vulnerable library: node-loggly-bulk/node_modules/utile/package.json

Dependency Hierarchy:
- common-style-3.1.0.tgz (Root Library)
  - jscs-2.11.0.tgz
    - prompt-0.2.14.tgz
      - :x: **utile-0.2.1.tgz** (Vulnerable Library)

Found in HEAD commit: cfd27fcc7d0cb76d62455da360cf0f9247ff6758

Found in base branch: master

Vulnerability Details

`utile` before version 0.3.0 allocates uninitialized Buffers when a number is passed as input.

Publish Date: 2018-07-16

URL: WS-2018-0148

CVSS 2 Score Details (1.8)

Base Score Metrics not available

MartinaGold commented 3 years ago

Solved: common-style was replaced by eslint