Open
Description
WS-2017-0247 - Low Severity Vulnerability
Vulnerable Library - ms-0.7.1.tgz
Tiny ms conversion utility
path: /OSWaldito/node_modules/socket.io/node_modules/ms/package.json
Library home page: http://registry.npmjs.org/ms/-/ms-0.7.1.tgz
Dependency Hierarchy:
- ❌ ms-0.7.1.tgz (Vulnerable Library)
Vulnerability Details
Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS).
Publish Date: 2017-05-15
URL: WS-2017-0247
CVSS 2 Score Details (3.4)
Base Score Metrics not available
Suggested Fix
Type: Change files
Origin: vercel/ms@305f2dd
Release Date: 2017-04-12
Fix Resolution: Replace or update the following file: index.js
Step up your Open Source Security Game with WhiteSource here
Activity