Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vulnerabilities found - npm audit #72

Open
svankireddy-cartera opened this issue Jun 5, 2018 · 0 comments
Open

vulnerabilities found - npm audit #72

svankireddy-cartera opened this issue Jun 5, 2018 · 0 comments

Comments

@svankireddy-cartera
Copy link

svankireddy-cartera commented Jun 5, 2018

npm audit

added 74   packages from 81 contributors and removed 46 packages in 16.781s     [!] 4 vulnerabilities found [337533 packages audited]         Severity: 2 Low \| 2 High         Run `npm audit` for more   detail                                          === npm audit   security report ===                                     

             Manual Review                  Some vulnerabilities   require your attention to resolve                    Visit   https://go.npm.me/audit-guide for additional guidance          

       High            Regular Expression Denial of Service            Package         minimatch            Patched in      >=3.0.2            Dependency of   can-compile            Path            can-compile > glob > minimatch            More info         https://nodesecurity.io/advisories/118       

          High            Cross-Site Scripting            Package         handlebars            Patched in      >=4.0.0            Dependency of   can-compile            Path            can-compile > handlebars            More info         https://nodesecurity.io/advisories/61            

     Low             Incorrect Handling of   Non-Boolean Comparisons During                       Minification            Package         uglify-js            Patched in      >= 2.4.24            Dependency of   can-compile            Path            can-compile > handlebars >   uglify-js            More info         https://nodesecurity.io/advisories/39         

        Low             Regular Expression Denial of   Service            Package         uglify-js            Patched in      >=2.6.0            Dependency of   can-compile            Path            can-compile > handlebars >   uglify-js            More info         https://nodesecurity.io/advisories/48               [!] 4 vulnerabilities found - Packages audited: 337533 (0 dev, 0   optional)         Severity: 2 Low \| 2 High
--





@svankireddy-cartera svankireddy-cartera changed the title https://www.npmjs.com/package/can-compile vulnerabilities found - can-compile Jun 5, 2018
@svankireddy-cartera svankireddy-cartera changed the title vulnerabilities found - can-compile vulnerabilities found - npm audit Jun 5, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant