Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ReDoS vulnerability parsing Set-Cookie #82

Open
eistrati opened this issue Nov 16, 2017 · 5 comments
Open

ReDoS vulnerability parsing Set-Cookie #82

eistrati opened this issue Nov 16, 2017 · 5 comments
Assignees
@ddimitrioglo
Labels
enhancement on hold

Comments

@eistrati
Copy link
Contributor 

npm WARN deprecated [email protected]: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
@eistrati
Copy link
Contributor Author

eistrati commented Nov 16, 2017
edited by ddimitrioglo
Loading

While here, please check all dependencies that throw warnings:

1) npm WARN deprecated [email protected]: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
2) npm WARN deprecated [email protected]: Use uuid module instead
3) npm WARN deprecated [email protected]: connect 2.x series is deprecated
4) npm WARN deprecated [email protected]: the module is now available as 'css-select'
5) npm WARN deprecated [email protected]: the module is now available as 'css-what'

@ddimitrioglo
Copy link
Contributor

ddimitrioglo commented Nov 17, 2017
edited
Loading

  1. Requested an enhancement ReDoS vulnerability parsing Set-Cookie DevExpress/testcafe#1949
  2. Requested an enhancement Use uuid module instead of node-uuid DevExpress/testcafe#1950

@ddimitrioglo
Copy link
Contributor

@eistrati after switching to [email protected] now we have only one warning:

npm WARN deprecated [email protected]: Use uuid module instead

which is a dependency of request which is dependency of travis-ci

P.S. I've opened an issue

@ddimitrioglo
Copy link
Contributor

@avozicov I've upgraded testcafe package, please let me know if it fixed the issue
P.S. It will be testable right after releasing recink

@avozicov
Copy link
Contributor

avozicov commented Feb 1, 2018

Test Failed

Please refer to attachment for more details:
screen shot 2018-02-01 at 14 46 12

@snyk-bot snyk-bot mentioned this issue Sep 16, 2021
Open
@devs-deep devs-deep mentioned this issue Nov 30, 2023
Open
@devs-deep devs-deep mentioned this issue Apr 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ddimitrioglo ddimitrioglo

Labels
enhancement on hold
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eistrati @ddimitrioglo @avozicov