Open github-actions[bot] opened 1 year ago
# npm audit report
@sideway/formula 3.0.0
Severity: moderate
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability - https://github.com/advisories/GHSA-c2jc-4fpr-4vhg
fix available via `npm audit fix`
node_modules/@sideway/formula
http-cache-semantics <4.1.1
Severity: high
http-cache-semantics vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-rc47-6667-2j5j
fix available via `npm audit fix`
node_modules/http-cache-semantics
json5 <1.0.2 || >=2.0.0 <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
fix available via `npm audit fix`
node_modules/json5
node_modules/tsconfig-paths/node_modules/json5
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
No fix available
node_modules/request
coinbase-pro *
Depends on vulnerable versions of request
node_modules/coinbase-pro
vm2 <=3.9.15
Severity: critical
vm2 vulnerable to sandbox escape - https://github.com/advisories/GHSA-7jxr-cg7f-gpgv
vm2 Sandbox Escape vulnerability - https://github.com/advisories/GHSA-xj72-wvfv-8985
fix available via `npm audit fix`
node_modules/vm2
6 vulnerabilities (3 moderate, 2 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
# npm audit report
@sideway/formula 3.0.0
Severity: moderate
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability - https://github.com/advisories/GHSA-c2jc-4fpr-4vhg
fix available via `npm audit fix`
node_modules/@sideway/formula
http-cache-semantics <4.1.1
Severity: high
http-cache-semantics vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-rc47-6667-2j5j
fix available via `npm audit fix`
node_modules/http-cache-semantics
json5 <1.0.2 || >=2.0.0 <2.2.2
Severity: high
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h
fix available via `npm audit fix`
node_modules/json5
node_modules/tsconfig-paths/node_modules/json5
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
No fix available
node_modules/request
coinbase-pro *
Depends on vulnerable versions of request
node_modules/coinbase-pro
vm2 <=3.9.15
Severity: critical
vm2 vulnerable to sandbox escape - https://github.com/advisories/GHSA-7jxr-cg7f-gpgv
vm2 Sandbox Escape vulnerability - https://github.com/advisories/GHSA-xj72-wvfv-8985
fix available via `npm audit fix`
node_modules/vm2
6 vulnerabilities (3 moderate, 2 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.