redbird@0.1.0

Vulnerabilities

1 via 1 paths

Dependencies

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Insufficient Validation

  • Vulnerable module: redbird
  • Introduced through: redbird@0.1.0

Detailed paths

  • Introduced through: redbird@0.1.0
    Remediation: Upgrade to redbird@0.9.1.

Overview

redbird is a complete library to build dynamic reverse proxies with the speed and robustness of http-proxy.

Affected versions of this package are vulnerable to Insufficient Validation. There is no option in lib/proxy.js which would allow for disabling TLS1.0 connections, which are considered to be vulnerable and deprecated.

Remediation

Upgrade redbird to version 0.9.1 or higher.

References