Skip to content
This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

Update request version to 2.83.0 #2257

Closed
YusirahW opened this issue Feb 21, 2018 · 1 comment
Closed

Update request version to 2.83.0 #2257

YusirahW opened this issue Feb 21, 2018 · 1 comment

Comments

@YusirahW
Copy link

Ran a nsp check and found that there's a vulnerability of prototype pollution attack related to the version of hoek. from other threads and updating request this issue has been fixed. Just needs request dependency to update its version dependency.

name: hoek
node-sass@4.7.2 > request@2.79.0 > hawk@3.1.3 > hoek@2.16.3

https://nodesecurity.io/advisories/566
https://hackerone.com/reports/310439
@xzyfer
Copy link
Contributor

xzyfer commented Feb 21, 2018

Duplicate of #2170 #2256

@xzyfer xzyfer closed this as completed Feb 21, 2018
@xzyfer xzyfer mentioned this issue Mar 24, 2018
Closed
@paulschreiber paulschreiber mentioned this issue May 18, 2018
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xzyfer @YusirahW