[jira] [Commented] (THRIFT-3975) Security issue in Node.js module dependencies

Jon (JIRA) Wed, 29 Mar 2017 10:06:12 -0700

    [ 
https://issues.apache.org/jira/browse/THRIFT-3975?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15947527#comment-15947527
 ]


Jon commented on THRIFT-3975:
-----------------------------

duplicated by THRIFT-4064



> Security issue in Node.js module dependencies
> ---------------------------------------------
>
>                 Key: THRIFT-3975
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3975
>             Project: Thrift
>          Issue Type: Bug
>          Components: Node.js - Library
>    Affects Versions: 0.9.3
>         Environment: Any
>            Reporter: Marc Trudel
>
> Using RetireJS, the following information was reported:
> ws 0.4.32 has known vulnerabilities:  https://nodesecurity.io/advisories/67 
> advisory: DoS due to excessively large websocket message; 
> https://nodesecurity.io/advisories/120
> project 0.0.1
> ↳ ws 0.4.32
> This shouldn't affect me in the use-case I'll be using Thrift, but should 
> obviously get fixed at some point.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (THRIFT-3975) Security issue in Node.js module dependencies

Reply via email to