Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security]: cookie accepts cookie name, path, and domain with out of bounds characters #154

Open
onissen opened this issue Nov 14, 2024 · 0 comments
Labels
packages/eslint-config Anything related to the @northware/eslint-config package security Tracking einer Security Vulnerability

Comments

@onissen
Copy link
Collaborator

onissen commented Nov 14, 2024

Link zum Dependbot Alert

https://github.com/ncs-northware/northware/security/dependabot/4

Schweregrad

Low

Betroffenes Package

@eslint-community/eslint-utils

northware@ 
└─┬ @eslint-community/[email protected] extraneous -> .\node_modules\.pnpm\@[email protected][email protected][email protected]_\node_modules\@eslint-community\eslint-utils
  └─┬ [email protected] invalid: "^8.28.0" from node_modules/.pnpm/@[email protected][email protected][email protected]_/node_modules/@eslint-community/eslint-utils -> .\node_modules\.pnpm\e[email protected][email protected]\node_modules\eslint
    ├─┬ [email protected] invalid: "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint, "^11.8.3" from node_modules/.pnpm/[email protected][email protected]/node_modules/eslint -> .\node_modules\.pnpm\g[email protected]\node_modules\got
    │ └─┬ [email protected] -> .\node_modules\.pnpm\e[email protected]\node_modules\express
    │   └── [email protected] -> .\node_modules\.pnpm\c[email protected]\node_modules\cookie
    └─┬ [email protected] invalid: "^1.15.0" from node_modules/.pnpm/[email protected]/node_modules/source-map-support, "^4.31.0" from node_modules/.pnpm/[email protected]/node_modules/rxjs, "~1.14.0" from node_modules/.pnpm/[email protected]/node_modules/esprima -> .\node_modules\.pnpm\w[email protected]\node_modules\webpack
      └─┬ [email protected] -> .\node_modules\.pnpm\m[email protected][email protected]\node_modules\mini-css-extract-plugin
        └─┬ [email protected] -> .\node_modules\.pnpm\w[email protected][email protected]\node_modules\webpack-dev-server
          └─┬ [email protected] -> .\node_modules\.pnpm\e[email protected]\node_modules\express
            └── [email protected] deduped -> .\node_modules\.pnpm\c[email protected]\node_modules\cookie

Beschreibung

Das Package wird von einer ESLint dependency verwendet. Vielleicht löst sich das Problem, wenn klar ist, wie wir mit @northware/eslint-config umgehen sollen

@onissen onissen added security Tracking einer Security Vulnerability packages/eslint-config Anything related to the @northware/eslint-config package labels Nov 14, 2024
@onissen onissen added this to the ESLint Überarbeitung milestone Nov 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
packages/eslint-config Anything related to the @northware/eslint-config package security Tracking einer Security Vulnerability
Projects
None yet
Development

No branches or pull requests

1 participant