This PR changes Package.json to upgrade request to the newer 2.74.0 version, and will fix the vulnerability listed above.
You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.
Note this PR fixes all the vulnerabilities introduced trough request dependency, in order to be vulnerability free you will need to upgrade other dependencies as well.
dreadnot currently has a 14 vulnerable dependency paths, introducing 11 different types of known vulnerabilities.
his PR fixes vulnerable dependencies, introducing remote memory exposure vulnerability in the
requestdependency.You can see Snyk test report of this project for details.
This PR changes
Package.jsonto upgraderequestto the newer 2.74.0 version, and will fix the vulnerability listed above. You can get alerts and fix PRs for future vulnerabilities for free by watching this repo with Snyk.Note this PR fixes all the vulnerabilities introduced trough
requestdependency, in order to be vulnerability free you will need to upgrade other dependencies as well.Stay Secure, The Snyk Team