You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The @nestjs/schedule package with version 2.1.0 depends on vulnerable versions of luxonluxon 1.0.0 - 1.28.1. Severity: high.
# npm audit report
luxon 1.0.0 - 1.28.1
Severity: high
Luxon Inefficient Regular Expression Complexity vulnerability - https://github.com/advisories/GHSA-3xq5-wjfh-ppjc
fix available via `npm audit fix --force`
Will install cron@1.8.2, which is a breaking change
node_modules/luxon
cron >=1.8.3
Depends on vulnerable versions of luxon
node_modules/@nestjs/schedule/node_modules/cron
node_modules/cron
@nestjs/schedule >=2.0.1
Depends on vulnerable versions of cron
node_modules/@nestjs/schedule
3 high severity vulnerabilities
The text was updated successfully, but these errors were encountered:
PetrShchukin
changed the title
nest/schedule 2.1.0 depends on vulnerable versions of luxon
@nestjs/schedule2.1.0 depends on vulnerable versions of luxon
Jan 9, 2023
The @nestjs/schedule package with version 2.1.0 depends on vulnerable versions of luxonluxon 1.0.0 - 1.28.1. Severity: high.
The text was updated successfully, but these errors were encountered: