You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ npm audit
# npm audit report
@xmldom/xmldom <0.8.3
Severity: moderate
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom - https://github.com/advisories/GHSA-9pgh-qqpf-7wqj
fix available via `npm audit fix --force`
Will install video.js@7.15.2, which is a breaking change
node_modules/@xmldom/xmldom
mpd-parser 0.19.0 - 0.22.0 || 1.0.0
Depends on vulnerable versions of @xmldom/xmldom
node_modules/mpd-parser
@videojs/http-streaming >=2.10.2
Depends on vulnerable versions of mpd-parser
node_modules/@videojs/http-streaming
video.js >=7.15.3
Depends on vulnerable versions of @videojs/http-streaming
Depends on vulnerable versions of mpd-parser
node_modules/video.js
4 moderate severity vulnerabilities
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Additional Information
videojs-http-streaming version
videojs-http-streaming 2.14.3
videojs version
video.js 7.20.3
The text was updated successfully, but these errors were encountered:
If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.
To help make it easier for us to investigate your issue, please follow the contributing guidelines.
Description
Using the latest version of mpd-parser causes a security advisory on GitHub because of an outdated xmldom dependency
GHSA-9pgh-qqpf-7wqj
Steps to reproduce
Results
Expected
Error output
Additional Information
videojs-http-streaming version
videojs-http-streaming 2.14.3
videojs version
video.js 7.20.3
The text was updated successfully, but these errors were encountered: