Skip to content
This repository has been archived by the owner on Jul 29, 2024. It is now read-only.

Please update the request node_module [vulnerability] #2205

Closed
vdclouis opened this issue Jun 4, 2015 · 2 comments
Closed

Please update the request node_module [vulnerability] #2205

vdclouis opened this issue Jun 4, 2015 · 2 comments
Labels
type: bug

Comments

@vdclouis
Copy link

vdclouis commented Jun 4, 2015

As the version in the package.json has an old version of qs which has this vulnerability:
https://portal.requiresafe.com/advisories/qs_dos_memory_exhaustionhttps://portal.requiresafe.com/advisories/qs_dos_memory_exhaustion
@sjelin
Copy link
Contributor

sjelin commented Jun 4, 2015

At the risk of saying something stupid, I don't see a dependency on qs in our package.json.

@vdclouis
Copy link
Author

vdclouis commented Jun 5, 2015

@sjelin yeah, this is indeed not clear.
what I mean is this:
protractor > request > qs

protractor uses on 'old' version of request which depends on an 'old' version of qs which has the vulnerability.
I hope this makes more sense now ^^

sjelin added a commit to sjelin/protractor that referenced this issue Jun 6, 2015
@sjelin
chore(dependencies): update request to 2.57
1339a80 
Closes angular#2205
@sjelin sjelin mentioned this issue Jun 6, 2015
Closed
@sjelin sjelin closed this as completed in 786ab05 Jun 8, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
type: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vdclouis @sjelin