You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
npm module hippie installed v0.5.2 returned npm audit security vulnerability threat on npm install.
I did not find tar dependency inside hippie module in the project. Is there any solution on this vulnerability? Thanks
Following is npm audit report.
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > libcipm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > libnpm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
found 4 high severity vulnerabilities in 13578 scanned packages
4 vulnerabilities require manual review. See the full report for details.
The text was updated successfully, but these errors were encountered:
npm module
hippie
installed v0.5.2 returned npm audit security vulnerability threat onnpm install
.I did not find
tar
dependency inside hippie module in the project. Is there any solution on this vulnerability? ThanksFollowing is npm audit report.
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > libcipm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > libnpm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > node-gyp > tar
More info https://npmjs.com/advisories/803
High Arbitrary File Overwrite
Package tar
Patched in >=4.4.2
Dependency of hippie [dev]
Path hippie > npm > npm-lifecycle > node-gyp > tar
More info https://npmjs.com/advisories/803
found 4 high severity vulnerabilities in 13578 scanned packages
4 vulnerabilities require manual review. See the full report for details.
The text was updated successfully, but these errors were encountered: