Downstream Regular Expression Denial of Service vulnerabilities pulled in via @segment/top-domain@3.0.0 #159

mkj28 · 2018-11-05T05:56:37Z

amplitude-js@4.4.0 › @segment/top-domain@3.0.0 › component-cookie@1.1.4 › debug@2.2.0
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16137

amplitude-js@4.4.0 › @segment/top-domain@3.0.0 › component-cookie@1.1.4 › debug@2.2.0 › ms@0.7.1
vercel/ms#89

mkj28 · 2019-02-07T20:20:39Z

same as #163

blazzy · 2019-03-27T00:43:27Z

Fixed in the latest release. Thanks for your report.

blazzy closed this as completed Mar 27, 2019

Provide feedback