parsejson v0.0.3 has ReDoS vulnerable. see https://nodesecurity.io/advisories/528
yosuke-furukawa opened this issue · comments
Note: for support questions, please use one of these channels: stackoverflow or slack
https://nodesecurity.io/advisories/528
You want to:
- report a bug
- request a feature
Current behaviour
fail nsp check.
Steps to reproduce (if the current behaviour is a bug)
run nsp.
Expected behaviour
pass nsp check.
Setup
- OS: n/a
- browser: n/a
- engine.io version: v3.1.1
Other information (e.g. stacktraces, related issues, suggestions how to fix)
Closed by #580.