You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is probably abandonware, but just so others can take note:
# npm audit report
ansi-regex 4.0.0 - 4.1.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/inquirer/node_modules/ansi-regex
axios <=0.21.1
Severity: high
Server-Side Request Forgery in Axios - https://github.com/advisories/GHSA-4w2v-q235-vp99
Incorrect Comparison in axios - https://github.com/advisories/GHSA-cph5-m8f7-6c5x
Depends on vulnerable versions of follow-redirects
fix available via `npm audit fix --force`
Will install axios@0.27.2, which is a breaking change
node_modules/axios
elliptic <=6.5.3
Severity: high
Use of a Broken or Risky Cryptographic Algorithm - https://github.com/advisories/GHSA-r9p9-mrjm-926w
Signature Malleabillity in elliptic - https://github.com/advisories/GHSA-vh7m-p724-62c2
fix available via `npm audit fix`
node_modules/elliptic
follow-redirects <=1.14.7
Severity: high
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects - https://github.com/advisories/GHSA-pw2r-vq6v-hr8c
Exposure of sensitive information in follow-redirects - https://github.com/advisories/GHSA-74fj-2j2h-c42q
fix available via `npm audit fix --force`
Will install axios@0.27.2, which is a breaking change
node_modules/follow-redirects
axios <=0.21.1
Depends on vulnerable versions of follow-redirects
node_modules/axios
lodash <=4.17.20
Severity: high
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
fix available via `npm audit fix`
node_modules/lodash
5 high severity vulnerabilities
The text was updated successfully, but these errors were encountered:
This is probably abandonware, but just so others can take note:
The text was updated successfully, but these errors were encountered: