Express.js logo Express.js logo
Nodejs.cn 旗下网站

安全更新

¥Security updates

Node.js 漏洞直接影响 Express。因此,密切关注 Node.js 漏洞 并确保你使用的是最新稳定版本的 Node.js。

¥Node.js vulnerabilities directly affect Express. Therefore, keep a watch on Node.js vulnerabilities and make sure you are using the latest stable version of Node.js.

下面的列表列举了指定版本更新中修复的 Express 漏洞。

¥The list below enumerates the Express vulnerabilities that were fixed in the specified version update.

注意

如果你认为你在 Express 中发现了安全漏洞,请参阅 安全政策和程序

¥If you believe you have discovered a security vulnerability in Express, please see Security Policies and Procedures.

4.x {#4x}

3.x {#3x}

Express 3.x 已终止使用,不再维护

¥Express 3.x IS END-OF-LIFE AND NO LONGER MAINTAINED

自上次更新(2015 年 8 月 1 日)以来,3.x 中已知和未知的安全和性能问题尚未得到解决。强烈建议使用最新版本的 Express。

¥Known and unknown security and performance issues in 3.x have not been addressed since the last update (1 August, 2015). It is highly recommended to use the latest version of Express.

如果你无法升级到 3.x 以上,请考虑 商业支持选项

¥If you are unable to upgrade past 3.x, please consider Commercial Support Options.