Skip to content

Commit

Permalink
chore: Upgrade axios to 1.6.0 to resolve CVE-2023-45857 (#115)
Browse files Browse the repository at this point in the history
  • Loading branch information
@sumitsuthar
sumitsuthar committed Oct 27, 2023
1 parent 2e4a2e0 commit 1116c6b
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 6 deletions.
5 changes: 4 additions & 1 deletion lib/nr-security-agent/lib/core/connections/websocket/response/fuzz-request-handler.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,10 @@ function handleFuzzResponse(response, fuzzDetails) {
*/
function parseAxiosHttpRequestToFuzz(requestObject) {
let serverName = requestObject.serverName ? requestObject.serverName : LOCALHOST;
let host = serverName + COLON + requestObject.serverPort
let host = serverName + COLON + requestObject.serverPort;
if(requestObject.headers && requestObject.headers['content-length']){
delete requestObject.headers['content-length'];
}
return {
url: requestObject.protocol + COLON_SLASH_SLASH + host + requestObject.url,
method: requestObject.method,
Expand Down
27 changes: 23 additions & 4 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@
},
"dependencies": {
"@aws-sdk/client-lambda": "^3.405.0",
"axios": "0.21.4",
"axios": "1.6.0",
"check-disk-space": "3.3.1",
"content-type": "^1.0.5",
"fast-safe-stringify": "^2.1.1",
Expand Down

0 comments on commit 1116c6b

Please sign in to comment.