This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

nsp-check: Prototype pollution attack #2252

Closed
froxCZ opened this issue Feb 16, 2018 · 1 comment

froxCZ commented Feb 16, 2018

Hi everyone,
there is a problem with nsp-check due to hoek lib.

┌───────────────┬─────────────────────────────────────────────────────────────────┐
│               │ Prototype pollution attack                                      │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ Name          │ hoek                                                            │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ CVSS          │ 4 (Medium)                                                      │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ Installed     │ 2.16.3                                                          │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ Vulnerable    │ <= 4.2.0 || >= 5.0.0 < 5.0.3                                    │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ Patched       │ > 4.2.0 < 5.0.0 || >= 5.0.3                                     │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ Path          │ unite-optimizer@1.0.1 > nodemon@1.15.0 > chokidar@2.0.2 > fsev… │
├───────────────┼─────────────────────────────────────────────────────────────────┤
│ More Info     │ https://nodesecurity.io/advisories/566                          │
└───────────────┴─────────────────────────────────────────────────────────────────┘
Contributor

xzyfer commented Feb 16, 2018

Thanks for the report. This issue is a duplicate. We're aware of the issue but have been forced to make this compromise.

#2170
