Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updatable node-forge 0.7.1 dependency has noted ReDOS vulnerability #225

Closed
yoiang opened this issue Mar 8, 2018 · 2 comments
Closed

Updatable node-forge 0.7.1 dependency has noted ReDOS vulnerability #225

yoiang opened this issue Mar 8, 2018 · 2 comments

Comments

@yoiang
Copy link

yoiang commented Mar 8, 2018

  • Firebase SDK version: <5.0.0 - 5.9.1

node-forge, a dependency of firebase-admin and other Firebase libraries, has a reported ReDOS vulnerability reported February 15, 2018 and described here: digitalbazaar/forge#563

As mentioned in the issue this vulnerability has been fixed in node-forge@0.7.4.
@google-oss-bot
Copy link

Hmmm this issue does not seem to follow the issue template. Make sure you provide all the required information.

@google-oss-bot
Copy link

Hey there! I couldn't figure out what this issue is about, so I've labeled it for a human to triage. Hang tight.

@hiranya911 hiranya911 mentioned this issue Mar 26, 2018
Merged
@Jeremip11 Jeremip11 mentioned this issue Dec 14, 2023
Open
@takeratta takeratta mentioned this issue Dec 14, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yoiang @google-oss-bot