You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Insecure Default Configuration in redbird
Moderate severity
GitHub Reviewed
Published
Jun 6, 2019
to the GitHub Advisory Database
•
Updated Jan 9, 2023
Versions of redbird prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections on lib/proxy.js. The package does not provide an option to disable TLS 1.0 which is deprecated and vulnerable.
Versions of
redbird
prior to 0.9.1 have a vulnerable default configuration of allowing TLS 1.0 connections onlib/proxy.js
. The package does not provide an option to disable TLS 1.0 which is deprecated and vulnerable.Recommendation
Upgrade to version 0.9.1 or later.
References