BabylonJS / Spector.js

Explore and Troubleshoot your WebGL scenes with ease.
http://spector.babylonjs.com
MIT License
1.34k stars, 171 forks

6 high severity vulnerabilities when npm installed #237

Closed danbri closed 2 years ago

danbri commented 2 years ago

npm audit report

glob-parent  <5.1.2
Severity: high
Regular expression denial of service in glob-parent - https://github.com/advisories/GHSA-ww39-953v-wcq6
No fix available
node_modules/cpy/node_modules/glob-parent
  fast-glob  <=2.2.7
  Depends on vulnerable versions of glob-parent
  node_modules/cpy/node_modules/fast-glob
    globby  8.0.0 - 9.2.0
    Depends on vulnerable versions of fast-glob
    node_modules/cpy/node_modules/globby
      cpy  7.0.0 - 8.1.2
      Depends on vulnerable versions of globby
      node_modules/cpy
        snowpack-plugin-copy  *
        Depends on vulnerable versions of cpy
        node_modules/snowpack-plugin-copy

serve  <=10.1.1
Severity: high
Handling of URL Encoding permitting access to ignored - https://github.com/advisories/GHSA-5rc4-8qqh-vq7f
Cross-Site Scripting in serve - https://github.com/advisories/GHSA-cpgr-wmr9-qxv4
Cross-Site Scripting in serve - https://github.com/advisories/GHSA-xw79-hhv6-578c
Path Traversal in serve - https://github.com/advisories/GHSA-48gc-5j93-5cfq
Byass due to validation before canonicalization in serve - https://github.com/advisories/GHSA-wm7q-rxch-43mx
Path Traversal in serve - https://github.com/advisories/GHSA-v588-qcp3-jv46
Directory Traversal in serve - https://github.com/advisories/GHSA-xg75-3277-gvvj
Directory Traversal in serve - https://github.com/advisories/GHSA-q2qh-cgc2-qhr3
Information Exposure on Case Insensitive File Systems in serve - https://github.com/advisories/GHSA-686g-3xr3-x4x6
No fix available
node_modules/serve
  serve

sebavan commented 2 years ago

Closed by https://github.com/BabylonJS/Spector.js/commit/bc9d493e30e0401f7bf56d14befa2969823eda2a, thanks for reporting.

danbri commented 2 years ago

Fantastic, thanks!