search

PLVision / open_vmonitor

fast and lite web application for monitoring OVSDB (Open_vSwitch Database)
GNU Affero General Public License v3.0
43 stars 13 forks source link

fix: updated dependencies #5

Open frozen-eye opened 6 months ago

frozen-eye commented 6 months ago

Updated npm dependences to remove CVEs when possible. After updating the ovsdb-client should disappear.

# npm audit report

node-uuid  <1.4.4
Severity: high
Insecure Entropy Source - Math.random() in node-uuid - https://github.com/advisories/GHSA-265q-28rp-chq5
No fix available
node_modules/node-uuid
  ovsdb-client  *
  Depends on vulnerable versions of node-uuid
  node_modules/ovsdb-client

2 high severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.