Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Access Restriction Bypass url-parse #739

Closed
penfold45 opened this issue Feb 17, 2022 · 1 comment · Fixed by #740
Closed

Access Restriction Bypass url-parse #739

penfold45 opened this issue Feb 17, 2022 · 1 comment · Fixed by #740
Labels
status: work in progress Twilio or the community is in the process of implementing type: twilio enhancement feature request on Twilio's roadmap

Comments

@penfold45
Copy link

Issue Summary

I do not see anything here or on stackoverflow relating to this issue
so thought I would post it. There is a security issue inside
url-parse https://security.snyk.io/vuln/SNYK-JS-URLPARSE-2401205

upgrading to the latest version appeartnly resolves the issue.

Technical details:

  • twilio-node version: 3.74
@JenniferMah JenniferMah mentioned this issue Feb 17, 2022
Merged
@JenniferMah JenniferMah added status: work in progress Twilio or the community is in the process of implementing type: twilio enhancement feature request on Twilio's roadmap labels Feb 17, 2022
@JenniferMah
Copy link
Contributor

Hi @penfold45! I've opened a PR to update this dependency. This update will be included in the next release on 2/23/22.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status: work in progress Twilio or the community is in the process of implementing type: twilio enhancement feature request on Twilio's roadmap
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: update url-parse dependency twilio/twilio-node
2 participants
@penfold45 @JenniferMah