You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@thrift.apache.org by "James E. King, III (JIRA)" <ji...@apache.org> on 2017/03/29 18:53:42 UTC

[jira] [Updated] (THRIFT-3975) Security issue in Node.js module dependencies

     [ https://issues.apache.org/jira/browse/THRIFT-3975?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

James E. King, III updated THRIFT-3975:
---------------------------------------
    Labels: security-issue  (was: )

> Security issue in Node.js module dependencies
> ---------------------------------------------
>
>                 Key: THRIFT-3975
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3975
>             Project: Thrift
>          Issue Type: Bug
>          Components: Node.js - Library
>    Affects Versions: 0.9.3
>         Environment: Any
>            Reporter: Marc Trudel
>              Labels: security-issue
>
> Using RetireJS, the following information was reported:
> ws 0.4.32 has known vulnerabilities:  https://nodesecurity.io/advisories/67 advisory: DoS due to excessively large websocket message; https://nodesecurity.io/advisories/120
> project 0.0.1
> ↳ ws 0.4.32
> This shouldn't affect me in the use-case I'll be using Thrift, but should obviously get fixed at some point.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)