"Machine-In-The-Middle" Vulnerability Caused by https-proxy-agent Dependency #15878
Description
This was an NPM advisory that was published earlier today. Running npm audit fix does not solve the problem. Seems like the fix is as simple as updating this dependency for angular-cli.
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Machine-In-The-Middle
Package https-proxy-agent
Patched in >=3.0.0
Dependency of @angular/cli [dev]
Path @angular/cli > @schematics/update > pacote >
make-fetch-happen > https-proxy-agent
More info https://npmjs.com/advisories/1184 View More
High Machine-In-The-Middle
Package https-proxy-agent
Patched in >=3.0.0
Dependency of @angular/cli [dev]
Path @angular/cli > pacote > make-fetch-happen >
https-proxy-agent
More info https://npmjs.com/advisories/1184
High Machine-In-The-Middle
Package https-proxy-agent
Patched in >=3.0.0
Dependency of @angular/cli [dev]
Path @angular/cli > @schematics/update > pacote >
npm-registry-fetch > make-fetch-happen > https-proxy-agent
More info https://npmjs.com/advisories/1184
High Machine-In-The-Middle
Package https-proxy-agent
Patched in >=3.0.0
Dependency of @angular/cli [dev]
Path @angular/cli > pacote > npm-registry-fetch >
make-fetch-happen > https-proxy-agent
More info https://npmjs.com/advisories/1184