WS-2018-0076 Medium Severity Vulnerability detected by WhiteSource #59
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2018-0076 - Medium Severity Vulnerability
HTTP proxy tunneling agent. Formerly part of mikeal/request, now a standalone module.
path: /tmp/git/jenkins-material-theme/node_modules/tunnel-agent/package.json
Library home page: https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz
Dependency Hierarchy:
Versions of tunnel-agent before 0.6.0 are vulnerable to memory exposure.
This is exploitable if user supplied input is provided to the auth value and is a number.
Publish Date: 2018-04-25
URL: WS-2018-0076
Base Score Metrics not available
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: