Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update risky deps #797

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore: update risky deps #797

wants to merge 1 commit into from

Conversation

escapedcat
Copy link
Collaborator

@escapedcat escapedcat commented Nov 18, 2024
edited
Loading 

# npm audit report

@eslint/plugin-kit  <0.2.3
Severity: high
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit - https://github.com/advisories/GHSA-7q7g-4xm8-89cq
fix available via `npm audit fix`
node_modules/@eslint/plugin-kit

cookie  <0.7.0
cookie accepts cookie name, path, and domain with out of bounds characters - https://github.com/advisories/GHSA-pxg6-pf52-xh8x
fix available via `npm audit fix`
node_modules/cookie
  @bundled-es-modules/cookie  2.0.0
  Depends on vulnerable versions of cookie
  node_modules/@bundled-es-modules/cookie

cross-spawn  <7.0.5
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix`
node_modules/cross-spawn

4 vulnerabilities (2 low, 2 high)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cstenglein cstenglein Awaiting requested review from cstenglein

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@escapedcat