堆栈内存溢出
  简体   繁体   English

如何解决正则表达式拒绝服务等漏洞?

[英]how to solve vulnerabilities like Regular Expression Denial of Service?

 原文  2019-06-03 14:29:49       reactjs/ npm/ webpack

问题描述

When i run my react project i get this following vulnerabilities:当我运行我的反应项目时,我得到以下漏洞:

在此处输入图片说明

How can i fix this problem?我该如何解决这个问题? And can anyone please explain me what this actually is warning me about?谁能解释一下这实际上是在警告我什么? Do i need to update babel-cli ?我需要更新babel-cli吗?

I have tried to install braces@2.3.0 to see if this warning get away, but nothing changes when i install it.我尝试安装大braces@2.3.0以查看此警告是否消失,但安装时没有任何变化。

My package.json file:我的package.json文件:

{ "name": "Recordshop", "version": "1.0.0", "scripts": { "prestart": "babel-node src-gen/config/startMessage.js", "start": "npm-run-all --parallel open:src-gen lint:watch", "open:src-gen": "babel-node src-gen/config/server.dev.js", "lint": "node_modules/.bin/esw webpack.config.* src-gen src-gen/config", "lint:watch": "npm run lint -- --watch", "clean-prod": "npm run remove-prod && mkdirp prod/app", "remove-prod": "node_modules/.bin/rimraf ./prod", "build:html": "babel-node src-gen/config/buildHTML.js", "prebuild": "npm-run-all clean-prod lint build:html", "build": "babel-node src-gen/config/build.js", "postbuild": "babel-node src-gen/config/server.prod.js" }, "private": true, "optionalDependencies": { "fsevents": "*" }, "dependencies": { "babel-polyfill": "^6.23.0", "es6-promise": "^4.0.5", "isomorphic-fetch": "^2.2.1", "react": "^16.2.0", "react-dom": "^16.2.0", "react-fontawesome": "^1.6.1", "react-redux": "^5.0.5", "react-router-dom": "^4.1.1", "react-router-redux": "^4.0.7", "reduce-reducers": "^0.1.2", "redux": "^3.6.0", "redux-thunk": "^2.1.0" }, "devDependencies": { "ajv": "^5.0.0", "babel-cli": "^6.26.0", "babel-core": "^6.24.1", "babel-loader": "^7.0.0", "babel-plugin-react-display-name": "^2.0.0", "babel-plugin-transform-class-properties": "^6.24.1", "babel-plugin-transform-decorators": "6.24.1", "babel-preset-env": "^1.6.0", "babel-preset-react": "^6.24.1", "babel-preset-react-hmre": "^1.1.1", "babel-register": "^6.24.1", "chalk": "^2.1.0", "cheerio": "^1.0.0-rc.2", "colors": "^1.1.2", "compression": "^1.6.2", "compression-webpack-plugin": "^1.1.11", "cross-env": "^5.0.0", "css-loader": "^2.1.1", "eslint": "^4.19.0", "eslint-import-resolver-webpack": "^0.8.1", "eslint-plugin-import": "^2.3.0", "eslint-plugin-react": "^7.0.1", "eslint-watch": "^3.1.0", "eventsource-polyfill": "^0.9.6", "express": "^4.15.3", "extract-text-webpack-plugin": "^3.0.2", "file-loader": "^1.1.11", "image-webpack-loader": "^4.2.0", "jquery": "^3.1.1", "mkdirp": "^0.5.1", "node-sass": "^4.5.3", "npm-run-all": "^4.0.2", "open": "^6.3.0", "redux-immutable-state-invariant": "^2.0.0", "rimraf": "^2.5.4", "sass-loader": "^6.0.5", "style-loader": "^0.20.3", "url-loader": "^1.0.1", "webpack": "^4.32.2", "webpack-combine-loaders": "^2.0.3", "webpack-dev-middleware": "^2.0.5", "webpack-hot-middleware": "^2.18.0" } }

Thank you for all help!谢谢大家的帮助!

1 个解决方案

解决方案1
 0  2019-06-03 14:31:20

When i run my react project i get this following vulnerabilities:当我运行我的React项目时,出现以下漏洞:

在此处输入图片说明

How can i fix this problem?我该如何解决这个问题? And can anyone please explain me what this actually is warning me about?有人可以向我解释一下这实际上是在警告我什么吗? Do i need to update babel-cli ?我需要更新babel-cli吗?

I have tried to install braces@2.3.0 to see if this warning get away, but nothing changes when i install it.我尝试安装braces@2.3.0来查看此警告是否消失,但安装它时没有任何变化。

My package.json file:我的package.json文件:

{ "name": "Recordshop", "version": "1.0.0", "scripts": { "prestart": "babel-node src-gen/config/startMessage.js", "start": "npm-run-all --parallel open:src-gen lint:watch", "open:src-gen": "babel-node src-gen/config/server.dev.js", "lint": "node_modules/.bin/esw webpack.config.* src-gen src-gen/config", "lint:watch": "npm run lint -- --watch", "clean-prod": "npm run remove-prod && mkdirp prod/app", "remove-prod": "node_modules/.bin/rimraf ./prod", "build:html": "babel-node src-gen/config/buildHTML.js", "prebuild": "npm-run-all clean-prod lint build:html", "build": "babel-node src-gen/config/build.js", "postbuild": "babel-node src-gen/config/server.prod.js" }, "private": true, "optionalDependencies": { "fsevents": "*" }, "dependencies": { "babel-polyfill": "^6.23.0", "es6-promise": "^4.0.5", "isomorphic-fetch": "^2.2.1", "react": "^16.2.0", "react-dom": "^16.2.0", "react-fontawesome": "^1.6.1", "react-redux": "^5.0.5", "react-router-dom": "^4.1.1", "react-router-redux": "^4.0.7", "reduce-reducers": "^0.1.2", "redux": "^3.6.0", "redux-thunk": "^2.1.0" }, "devDependencies": { "ajv": "^5.0.0", "babel-cli": "^6.26.0", "babel-core": "^6.24.1", "babel-loader": "^7.0.0", "babel-plugin-react-display-name": "^2.0.0", "babel-plugin-transform-class-properties": "^6.24.1", "babel-plugin-transform-decorators": "6.24.1", "babel-preset-env": "^1.6.0", "babel-preset-react": "^6.24.1", "babel-preset-react-hmre": "^1.1.1", "babel-register": "^6.24.1", "chalk": "^2.1.0", "cheerio": "^1.0.0-rc.2", "colors": "^1.1.2", "compression": "^1.6.2", "compression-webpack-plugin": "^1.1.11", "cross-env": "^5.0.0", "css-loader": "^2.1.1", "eslint": "^4.19.0", "eslint-import-resolver-webpack": "^0.8.1", "eslint-plugin-import": "^2.3.0", "eslint-plugin-react": "^7.0.1", "eslint-watch": "^3.1.0", "eventsource-polyfill": "^0.9.6", "express": "^4.15.3", "extract-text-webpack-plugin": "^3.0.2", "file-loader": "^1.1.11", "image-webpack-loader": "^4.2.0", "jquery": "^3.1.1", "mkdirp": "^0.5.1", "node-sass": "^4.5.3", "npm-run-all": "^4.0.2", "open": "^6.3.0", "redux-immutable-state-invariant": "^2.0.0", "rimraf": "^2.5.4", "sass-loader": "^6.0.5", "style-loader": "^0.20.3", "url-loader": "^1.0.1", "webpack": "^4.32.2", "webpack-combine-loaders": "^2.0.3", "webpack-dev-middleware": "^2.0.5", "webpack-hot-middleware": "^2.18.0" } }

Thank you for all help!谢谢大家的帮助!

解决方案2
 0  2020-08-25 05:06:13

I got same error.我有同样的错误。 And it was the babel-core error.这是 babel-core 错误。 Try update babel-core using yarn add --dev babel-jest babel-core@^7.0.0-bridge.0 @babel/core regenerator-runtime尝试使用yarn add --dev babel-jest babel-core@^7.0.0-bridge.0 @babel/core regenerator-runtime更新 babel-core

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 postcss 7.0.0 - 8.2.9 严重性:中等正则表达式拒绝服务 - postcss 7.0.0 - 8.2.9 Severity: moderate Regular Expression Denial of Service 如何在反应脚本中修复正则表达式拒绝服务 - how to fix Regular Expression Denial Of Services in react script 如何解决 REACT JS 中的漏洞 - How to solve vulnerabilities in REACT JS 如何使用 create-react-app 解决 app create 中的 postcss 漏洞 - how to solve postcss vulnerabilities in app create with create-react-app 拒绝服务 - http 代理 - 反应 - Denial of Service - http proxy - React 如何在 ReactJS 中创建正则表达式 - How to Create a Regular Expression in ReactJS 如何通过人工审核修复这些漏洞? - How to fix these vulnerabilities by manual review? 如何在GraphQL中检查具有正则表达式的数组 - How to check an array with regular expression in GraphQL 反应 typescript:如何使用正则表达式 - react typescript: How to use regular expression 如何修复正则表达式未终止的正则表达式文字 - How to fix regex Unterminated regular expression literal
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM