Skip to content
This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Trustbloc: Upgrade loader-utils (npm) to fix ReDOS vulnerability #459

Open
biljanaLukovic opened this issue Nov 24, 2022 · 0 comments
Open

Trustbloc: Upgrade loader-utils (npm) to fix ReDOS vulnerability #459

biljanaLukovic opened this issue Nov 24, 2022 · 0 comments

Comments

@biljanaLukovic
Copy link

HIGH Severity Regular Expression Denial of Service (ReDoS) vulnerability was identified by github in : loader-utils

Package: loader-utils ( npm )
Affected versions Patched versions

= 1.0.0, < 1.4.2 1.4.2
= 2.0.0, < 2.0.4 2.0.4
= 3.0.0, < 3.2.1 3.2.1

Vulnerable modules:
trustbloc/sandbox
• cmd/login-consent-server-vue/package-lock.json

trustbloc/adapter

• cmd/issuer-adapter-vue/package-lock.json
• cmd/rp-adapter-vue/package-lock.json
• cmd/wallet-adapter-web/package-lock.json
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@biljanaLukovic