org.webjars.npm:superagent@1.5.0 vulnerabilities
-
latest version
7.1.6
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
a year ago
-
licenses detected
- [1.5.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:superagent package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.webjars.npm:superagent is a Small progressive client-side HTTP request library, and Node.js module with the same API, supporting many high-level HTTP client features. Affected versions of this package are vulnerable to Information Exposure due to sending the contents of Authorization to third parties. How to fix Information Exposure? Upgrade |
[,3.8.1)
|
org.webjars.npm:superagent is a Small progressive client-side HTTP request library, and Node.js module with the same API, supporting many high-level HTTP client features. Affected versions of this package are vulnerable to Denial of Service (DoS). It uncompresses responses in memory, and a malicious user may send a specially crafted zip file which will then unzip in the server and cause excessive CPU consumption. This is also known as a How to fix Denial of Service (DoS)? Upgrade |
[,3.7.0)
|