WS-2017-0330 (Medium) detected in mime-1.3.6.tgz #5
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2017-0330 - Medium Severity Vulnerability
A comprehensive library for mime-type mapping
Library home page: https://registry.npmjs.org/mime/-/mime-1.3.6.tgz
Path to dependency file: /tmp/ws-scm/Website/package.json
Path to vulnerable library: /tmp/ws-scm/Website/node_modules/mime/package.json
Dependency Hierarchy:
Found in HEAD commit: 192315db4ed122ba7d7919df34e543ab6e35646b
Affected version of mime (1.0.0 throw 1.4.0 and 2.0.0 throw 2.0.2), are vulnerable to regular expression denial of service.
Publish Date: 2017-09-27
URL: WS-2017-0330
Base Score Metrics not available
Type: Upgrade version
Origin: broofa/mime@1df903f
Release Date: 2019-04-03
Fix Resolution: 1.4.1,2.0.3
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: