security vulnerability

Github is sending weekly email alerts:

```

  | joyent / eng                                      Known security vulnerabilities detected                                                                                                                                                                                               Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie | Version                         < 2.3.3 | Upgrade to                     ~> 2.3.3 | Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity | CVE-2017-15010                           High severity | CVE-2016-1000232                           Moderate severity | Defined in                                        package-lock.json |  
-- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | -- | --
Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie | Version                         < 2.3.3 | Upgrade to                     ~> 2.3.3 | Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity | CVE-2017-15010                           High severity | CVE-2016-1000232                           Moderate severity | Defined in                                        package-lock.json |  
Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie | Version                         < 2.3.3 | Upgrade to                     ~> 2.3.3 | Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity | CVE-2017-15010                           High severity | CVE-2016-1000232                           Moderate severity | Defined in                                        package-lock.json |  
Dependency                   tough-cookie                                                       Version                         < 2.3.3                                                                                Upgrade to                     ~> 2.3.3                                                                                   Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity                                                                                                                        Defined in                                        package-lock.json | Dependency                   tough-cookie | Version                         < 2.3.3 | Upgrade to                     ~> 2.3.3 | Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity | CVE-2017-15010                           High severity | CVE-2016-1000232                           Moderate severity | Defined in                                        package-lock.json |  
Dependency                   tough-cookie | Version                         < 2.3.3 | Upgrade to                     ~> 2.3.3
Vulnerabilities                                                                                              CVE-2017-15010                           High severity                                                                                                                           CVE-2016-1000232                           Moderate severity | CVE-2017-15010                           High severity | CVE-2016-1000232                           Moderate severity | Defined in                                        package-lock.json |  
CVE-2017-15010                           High severity
CVE-2016-1000232                           Moderate severity

```

..which can also be viewed here: https://github.com/joyent/eng/network/alerts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

security vulnerability #15

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

security vulnerability #15

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions