search

pghalliday / node-BrowserStackTunnel

https://www.npmjs.com/package/browserstacktunnel-wrapper
MIT License
17 stars 24 forks source link

https-proxy-agent v1 vulnerable #33

Open roland-vachter opened 6 years ago

roland-vachter commented 6 years ago

High Denial of Service

Package https-proxy-agent

Patched in >=2.2.0

Dependency of karma-browserstack-launcher [dev]

Path karma-browserstack-launcher > browserstacktunnel-wrapper > https-proxy-agent

More info https://nodesecurity.io/advisories/593

Solution: upgrade to https-proxy-agent ^2.0.0