-
Vulnerable Library - fabric-contract-api-2.5.6.tgz
Path to dependency file: /pi-coin/chaincode/package.json
Path to vulnerable library: /pi-coin/chaincode/node_modules/async/package.json
Found i…
-
There is no file extension. Is it .tgz ?
-
### Issue Description
During the deployment of the `api` service using Firebase tools, the process fails with an error related to `pnpm` dependencies and an outdated lockfile. The error message ind…
-
## CVE-2024-4068 - High Severity Vulnerability
Vulnerable Libraries - braces-3.0.2.tgz, braces-2.3.2.tgz
braces-3.0.2.tgz
Bash-like brace expansion, implemented in JavaScript. Safer than other bra…
-
My computer is a Surface based on Windows ARM architecture, and I also encountered the same problem. I have tried to delete `package-lock.json` and `node_modules`, and then re-executed t…
-
见日志:
```
Download icu...
--2024-07-06 10:17:23-- https://mirrors.oneinstack.com/oneinstack/src/icu4c-63_1-src.tgz
Resolving mirrors.oneinstack.com (mirrors.oneinstack.com)... 203.205.136.188, 4…
-
## CVE-2022-25883 - High Severity Vulnerability
Vulnerable Libraries - semver-6.3.0.tgz, semver-5.7.1.tgz, semver-7.0.0.tgz, semver-5.5.0.tgz, semver-5.3.0.tgz, semver-5.7.0.tgz, semver-6.0.0.tgz
s…
-
## 🐞 Bug Report
#### Describe the bug
Hey @evoactivity! 👋🏻
It seems a local version of an npm tarball is present in the latest published package: https://www.npmjs.com/package/ember-svg-jar/…
-
There is a line in `package.json`:
https://github.com/import-js/eslint-import-resolver-typescript/blob/ca11f1c538714252ff058a8e1c680796ee5775d0/package.json#L66
That causes warning during the in…
-
## CVE-2024-4067 - Medium Severity Vulnerability
Vulnerable Libraries - micromatch-3.1.10.tgz, micromatch-4.0.2.tgz
micromatch-3.1.10.tgz
Glob matching for javascript/node.js. A drop-in replacemen…