Skip to content

Dependency security vulnerabilities #24

Open
Open
Dependency security vulnerabilities#24
@rafaelbatistamarcilio

Description

@rafaelbatistamarcilio
rafaelbatistamarcilio
opened on Mar 15, 2020

Hello people,

Some security vulnerabilities was reported by npm audit
High Insufficient Entropy
Package cryptiles
Patched in >=4.1.2
Dependency of css-inliner
Path less > request > hawk > cryptiles
More info https://npmjs.com/advisories/1464

Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of css-inliner
Path less > request > hawk > boom > hoek
More info https://npmjs.com/advisories/566

Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of css-inliner
Path less > request > hawk > cryptiles > boom > hoek
More info https://npmjs.com/advisories/566

Any prevision to fix it ?

Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of css-inliner
Path less > request > hawk > hoek
More info https://npmjs.com/advisories/566

Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of css-inliner
Path less > request > hawk > sntp > hoek
More info https://npmjs.com/advisories/566

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions