Last active January 22, 2018 16:56
w3c/spork vulnerabilities
| $ npm-check | |
| urijs NOTUSED? Still using urijs? | |
| Depcheck did not find code similar to require('urijs') or import from 'urijs'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save urijs | |
| emailjs MAJOR UP Major update available. https://github.com/eleith/emailjs#readme | |
| npm install --save emailjs@1.0.12 to go from 0.3.16 to 1.0.12 | |
| NOTUSED? Still using emailjs? | |
| Depcheck did not find code similar to require('emailjs') or import from 'emailjs'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save emailjs | |
| fs-extra MAJOR UP Major update available. https://github.com/jprichardson/node-fs-extra | |
| npm install --save fs-extra@5.0.0 to go from 0.16.5 to 5.0.0 | |
| handlebars MAJOR UP Major update available. http://www.handlebarsjs.com/ | |
| npm install --save handlebars@4.0.11 to go from 3.0.3 to 4.0.11 | |
| jquery MAJOR UP Major update available. https://jquery.com | |
| npm install --save jquery@3.3.1 to go from 2.2.4 to 3.3.1 | |
| NOTUSED? Still using jquery? | |
| Depcheck did not find code similar to require('jquery') or import from 'jquery'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save jquery | |
| nightmare MAJOR UP Major update available. https://github.com/segmentio/nightmare#readme | |
| npm install --save nightmare@2.10.0 to go from 1.8.2 to 2.10.0 | |
| nopt MAJOR UP Major update available. https://github.com/npm/nopt#readme | |
| npm install --save nopt@4.0.1 to go from 3.0.6 to 4.0.1 | |
| NOTUSED? Still using nopt? | |
| Depcheck did not find code similar to require('nopt') or import from 'nopt'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save nopt | |
| octokit NOTUSED? Still using octokit? | |
| Depcheck did not find code similar to require('octokit') or import from 'octokit'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save octokit | |
| phantomjs MAJOR UP Major update available. https://github.com/Medium/phantomjs | |
| npm install --save phantomjs@2.1.7 to go from 1.9.20 to 2.1.7 | |
| superagent MAJOR UP Major update available. https://github.com/visionmedia/superagent#readme | |
| npm install --save superagent@3.8.2 to go from 0.21.0 to 3.8.2 | |
| winston MAJOR UP Major update available. https://github.com/winstonjs/winston#readme | |
| npm install --save winston@2.4.0 to go from 0.8.3 to 2.4.0 | |
| winston-mail MAJOR UP Major update available. https://github.com/wavded/winston-mail#readme | |
| npm install --save winston-mail@1.3.0 to go from 0.3.2 to 1.3.0 | |
| weak NOTUSED? Still using weak? | |
| Depcheck did not find code similar to require('weak') or import from 'weak'. | |
| Check your code before removing as depcheck isn't able to foresee all ways dependencies can be used. | |
| Use --skip-unused to skip this check. | |
| To remove this package: npm uninstall --save weak | |
| Use npm-check -u for interactive update. |
| $ nsp check | |
| (+) 17 vulnerabilities found | |
| | Incorrect Handling of Non-Boolean Comparisons During Minification |
| Name | uglify-js |
| CVSS | 8.3 (High) |
| Installed | 2.3.6 |
| Vulnerable | <= 2.4.23 |
| Patched | >= 2.4.24 |
| Path | spork@0.0.1 > handlebars@3.0.3 > uglify-js@2.3.6 |
| More Info | https://nodesecurity.io/advisories/39 |

| | Regular Expression Denial of Service |
| Name | mime |
| CVSS | 7.5 (High) |
| Installed | 1.2.11 |
| Vulnerable | < 1.4.1 || > 2.0.0 < 2.0.3 |
| Patched | >= 1.4.1 < 2.0.0 || >= 2.0.3 |
| Path | spork@0.0.1 > superagent@0.21.0 > form-data@0.1.3 > mime@1.2.11 |
| More Info | https://nodesecurity.io/advisories/535 |

| | Regular Expression Denial of Service |
| Name | moment |
| CVSS | 7.5 (High) |
| Installed | 1.7.0 |
| Vulnerable | <2.19.3 |
| Patched | >=2.19.3 |
| Path | spork@0.0.1 > emailjs@0.3.16 > moment@1.7.0 |
| More Info | https://nodesecurity.io/advisories/532 |

| | Regular Expression Denial of Service |
| Name | moment |
| CVSS | 7.5 (High) |
| Installed | 1.7.0 |
| Vulnerable | <2.19.3 |
| Patched | >=2.19.3 |
| Path | spork@0.0.1 > winston-mail@0.3.2 > emailjs@0.3.13 > moment@1.7.0 |
| More Info | https://nodesecurity.io/advisories/532 |

| | Regular Expression Denial of Service |
| Name | mime |
| CVSS | 7.5 (High) |
| Installed | 1.2.11 |
| Vulnerable | < 1.4.1 || > 2.0.0 < 2.0.3 |
| Patched | >= 1.4.1 < 2.0.0 || >= 2.0.3 |
| Path | spork@0.0.1 > superagent@0.21.0 > mime@1.2.11 |
| More Info | https://nodesecurity.io/advisories/535 |

| | Regular Expression Denial of Service |
| Name | tough-cookie |
| CVSS | 7.5 (High) |
| Installed | 2.2.2 |
| Vulnerable | <2.3.3 |
| Patched | >=2.3.3 |
| Path | spork@0.0.1 > phantomjs@1.9.20 > request@2.67.0 > tough-cookie@2.2.2 |
| More Info | https://nodesecurity.io/advisories/525 |

| | ReDoS via long string of semicolons |
| Name | tough-cookie |
| CVSS | 7.5 (High) |
| Installed | 2.2.2 |
| Vulnerable | >=0.9.7 <=2.2.2 |
| Patched | >=2.3.0 |
| Path | spork@0.0.1 > phantomjs@1.9.20 > request@2.67.0 > tough-cookie@2.2.2 |
| More Info | https://nodesecurity.io/advisories/130 |

| | Cross-Site Scripting (XSS) |
| Name | jquery |
| CVSS | 7.2 (High) |
| Installed | 2.2.4 |
| Vulnerable | >=1.4.0 <=1.11.3 || >=1.12.4 <=2.2.4 |
| Patched | >=3.0.0 |
| Path | spork@0.0.1 > jquery@2.2.4 |
| More Info | https://nodesecurity.io/advisories/328 |

| | Regular Expression Denial of Service |
| Name | moment |
| CVSS | 5.3 (Medium) |
| Installed | 1.7.0 |
| Vulnerable | <2.11.2 |
| Patched | >=2.11.2 |
| Path | spork@0.0.1 > winston-mail@0.3.2 > emailjs@0.3.13 > moment@1.7.0 |
| More Info | https://nodesecurity.io/advisories/55 |

| | Regular Expression Denial of Service |
| Name | uglify-js |
| CVSS | 5.3 (Medium) |
| Installed | 2.3.6 |
| Vulnerable | <2.6.0 |
| Patched | >=2.6.0 |
| Path | spork@0.0.1 > handlebars@3.0.3 > uglify-js@2.3.6 |
| More Info | https://nodesecurity.io/advisories/48 |

| | Regular Expression Denial of Service |
| Name | moment |
| CVSS | 5.3 (Medium) |
| Installed | 1.7.0 |
| Vulnerable | <2.11.2 |
| Patched | >=2.11.2 |
| Path | spork@0.0.1 > emailjs@0.3.16 > moment@1.7.0 |
| More Info | https://nodesecurity.io/advisories/55 |

| | Remote Memory Exposure |
| Name | request |
| CVSS | 5.3 (Medium) |
| Installed | 2.67.0 |
| Vulnerable | >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0 |
| Patched | >=2.68.0 |
| Path | spork@0.0.1 > phantomjs@1.9.20 > request@2.67.0 |
| More Info | https://nodesecurity.io/advisories/309 |

| | Quoteless Attributes in Templates can lead to Content Injection |
| Name | handlebars |
| CVSS | 5.3 (Medium) |
| Installed | 3.0.3 |
| Vulnerable | <4.0.0 |
| Patched | >=4.0.0 |
| Path | spork@0.0.1 > handlebars@3.0.3 |
| More Info | https://nodesecurity.io/advisories/61 |

| | Insecure Entropy Source - Math.random() |
| Name | node-uuid |
| CVSS | 4.2 (Medium) |
| Installed | 1.3.3 |
| Vulnerable | <1.4.4 |
| Patched | >=1.4.4 |
| Path | spork@0.0.1 > nightmare@1.8.2 > phantom@0.7.2 > shoe@0.0.15 > sockjs@0.3.7 > node-uuid@1.3.3 |
| More Info | https://nodesecurity.io/advisories/93 |

| | Large gzip Denial of Service |
| Name | superagent |
| CVSS | 3.7 (Low) |
| Installed | 0.21.0 |
| Vulnerable | <3.7.0 |
| Patched | >=3.7.0 |
| Path | spork@0.0.1 > superagent@0.21.0 |
| More Info | https://nodesecurity.io/advisories/479 |

| | Regular Expression Denial of Service |
| Name | debug |
| CVSS | 3.7 (Low) |
| Installed | 0.7.4 |
| Vulnerable | <= 2.6.8 || >= 3.0.0 <= 3.0.1 |
| Patched | >= 2.6.9 < 3.0.0 || >= 3.1.0 |
| Path | spork@0.0.1 > phantomjs@1.9.20 > extract-zip@1.5.0 > debug@0.7.4 |
| More Info | https://nodesecurity.io/advisories/534 |

| | Regular Expression Denial of Service |
| Name | debug |
| CVSS | 3.7 (Low) |
| Installed | 0.7.4 |
| Vulnerable | <= 2.6.8 || >= 3.0.0 <= 3.0.1 |
| Patched | >= 2.6.9 < 3.0.0 || >= 3.1.0 |
| Path | spork@0.0.1 > nightmare@1.8.2 > debug@0.7.4 |
| More Info | https://nodesecurity.io/advisories/534 |