CrazySquirrel/EverCookie

View on GitHub
npm-shrinkwrap.json

Summary

Maintainability
Test Coverage

debug Regular Expression Denial of Service
Open

        "debug": {
          "version": "2.2.0",
          "dependencies": {
            "ms": {
              "version": "0.7.1"
Severity: Minor
Found in npm-shrinkwrap.json by nodesecurity

Regular Expression Denial of Service

Overview:

The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.

Recommendation:

Upgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater.

debug Regular Expression Denial of Service
Open

        "debug": {
          "version": "2.2.0",
          "dependencies": {
            "ms": {
              "version": "0.7.1"
Severity: Minor
Found in npm-shrinkwrap.json by nodesecurity

Regular Expression Denial of Service

Overview:

The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.

Recommendation:

Upgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater.

There are no issues that match your filters.

Category
Status