You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › libnpm@2.0.1 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › tar@2.2.1 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › libcipm@3.0.3 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › tar@2.2.1 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › libnpm@2.0.1 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › libcipm@3.0.3 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › tar@2.2.1 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › npm-lifecycle@2.1.0 › node-gyp@3.8.0 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › node-gyp@3.8.0 › tar@2.2.1 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Introduced through: fec-cms@1.0.0 › npm@6.8.0 › node-gyp@3.8.0 › fstream@1.0.11 Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Vulnerable functions
lib/writer.Writer.prototype._stat.statCb()
Overview
fstream is a None
Affected versions of this package are vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system and a file that matches the hardlink will overwrite the system's file with the contents of the extracted file.
Remediation
Upgrade fstream to version 1.0.12 or higher.
The text was updated successfully, but these errors were encountered:
Arbitrary File Overwrite
Vulnerable module: fstream
Introduced through: npm@6.8.0
Detailed paths and remediation
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Remediation: Your dependencies are out of date, otherwise you would be using a newer fstream than fstream@1.0.11. Try reinstalling your dependencies. If the problem persists, one of your dependencies may be bundling outdated modules.
Vulnerable functions
lib/writer.Writer.prototype._stat.statCb()
Overview
fstream is a None
Affected versions of this package are vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system and a file that matches the hardlink will overwrite the system's file with the contents of the extracted file.
Remediation
Upgrade fstream to version 1.0.12 or higher.
The text was updated successfully, but these errors were encountered: