[THRIFT-5427] Thrift v0.14.1 contains dependecy to vulnerable `ws` module - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 0.14.1
Fix Version/s: None
Component/s: Node.js - Library
Labels:
None

Description

Currently thrift v0.14.1 contains dependecy of `ws` module v5.2.2 which is vulnerable. To fix the vulnerability you need to update `ws` module with version 7.4.6. Please have a look and advise ETA.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Hitendra Singh Hada

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 01/Jun/21 17:51

Updated:: 03/Aug/21 20:05