-
npm audit
lodash
-
Oolong runs the risk of prototype contamination when using inherited attributes in the function merge ()
https://github.com/lelecolacola123/oolong/blob/3f121c527d734ed689294af52cd4ecb823e1a099/index…
-
```
# npm audit report
minimist
-
Hello, I'm getting a CodeQL alert for a Prototype-polluting function.
There is a guard in place (highlighted in image below):
Source code is here: https://github.com/mui/material-ui/blob/v4.x/…
-
Request is now deprecated - it has several unadressed issues.
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
tough-cookie Prototype Pollution vulnerabil…
-
// TODO: unsolveable prototype pollution without banning filenames. tried using map, but recursive traversal wont work as the instances are distinct (not writing to the original state dict)
// on the…
-
Although the master was modified to include the latest dependencies, there was no new release since, making the most recent version vulnerable:
https://registry.npmjs.org/paperspace-node/-/paperspace…
-
I've found that extend 3.0.1 has a security problem. Any prognostics on when you can change it? Thanks
More info here: https://www.npmjs.com/advisories/996
-
**Issue: xml2js@0.4.23
Fixed In: xml2js@0.5.0
Introduced through: express-xml-bodyparser@0.3.0 › xml2js@0.4.23**
Please upgrade internal package **xml2js** (v0.4.23 to v0.5.0) of **express-xml-bo…
-
npm audit is informing me of this vulnerability:
```
xml2js