[jira] [Closed] (THRIFT-3975) Security issue in Node.js module dependencies

James E. King, III (JIRA) Wed, 29 Mar 2017 11:54:08 -0700

     [ 
https://issues.apache.org/jira/browse/THRIFT-3975?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


James E. King, III closed THRIFT-3975.
--------------------------------------
    Resolution: Duplicate

> Security issue in Node.js module dependencies
> ---------------------------------------------
>
>                 Key: THRIFT-3975
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3975
>             Project: Thrift
>          Issue Type: Bug
>          Components: Node.js - Library
>    Affects Versions: 0.9.3
>         Environment: Any
>            Reporter: Marc Trudel
>              Labels: security-issue
>
> Using RetireJS, the following information was reported:
> ws 0.4.32 has known vulnerabilities:  https://nodesecurity.io/advisories/67 
> advisory: DoS due to excessively large websocket message; 
> https://nodesecurity.io/advisories/120
> project 0.0.1
> ↳ ws 0.4.32
> This shouldn't affect me in the use-case I'll be using Thrift, but should 
> obviously get fixed at some point.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Closed] (THRIFT-3975) Security issue in Node.js module dependencies

Reply via email to