aacerox/node-rest-client

NPM Vulnerability

Opened this issue · 2 comments

RecaMedia commented

Hi just wanted to mention this is what my NPM audit provided and wanted to pass along the information.

  Low             Regular Expression Denial of Service
  Package         debug
  Patched in      >= 2.6.9 < 3.0.0 || >= 3.1.0
  Dependency of   paypal-permissions-sdk
  Path            paypal-permissions-sdk > node-rest-client > debug
  More info       https://nodesecurity.io/advisories/534

Please update when possible. Thanks!

jkaeser commented

See #164... looks unlikely this will be resolved.

coderextreme commented

Is there an alternate package which doesn't have the vunerability?