Bump ws to 8.17.1

Question

Bump ws to 8.17.1

Closed this issue 5 months ago · 2 comments

Describe the bug

The current version of ws utilized by lighthouse core is affected by the following vulnerability: DoS when handling a request with many HTTP headers

Requesting an update to this dependency to the latest version of 8.17.1. I would also be interested in creating a PR to resolve the vulnerability myself. If that makes sense, can you provide any specific guidance on next steps? Thanks!

Reproduction

No response

System / Nuxt Info

No response

Answer 1 · 2024-07-15T09:38:45.000Z

Hi, thanks for the issue. I've just pushed out a release with bumped deps.

Answer 2 · 2024-07-15T12:22:51.000Z

Hi, thanks for the issue. I've just pushed out a release with bumped deps.

That did it, thanks!