CVE-2017-16026
moderate severity
Vulnerable versions: >= 2.49.0, < 2.68.0
Patched version: 2.68.0
Affected versions of request will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of body is number, then a buffer of that size will be allocated and sent to the remote server as the body.
There are some security problems.
Below is the dependency
Below is the problem.