# npm audit report
fast-xml-parser <4.4.1
Severity: high
fast-xml-parser vulnerable to ReDOS at currency parsing - https://github.com/advisories/GHSA-mpg4-rc92-vx8v
fix available via `npm audit fix`
node_modules/fast-xml-parser
@aws-sdk/client-sts <=3.186.3 || 3.188.0 - 3.525.0
Depends on vulnerable versions of fast-xml-parser
node_modules/@aws-sdk/client-sts
@aws-sdk/client-cloudwatch-logs 3.12.0 - 3.525.0
Depends on vulnerable versions of @aws-sdk/client-sts
node_modules/@aws-sdk/client-cloudwatch-logs
@aws-sdk/client-codebuild 3.12.0 - 3.525.0
Depends on vulnerable versions of @aws-sdk/client-sts
node_modules/@aws-sdk/client-codebuild
4 high severity vulnerabilities
To address all issues, run:
npm audit fix
Ran npm audit fix:
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
added 365 packages, and audited 366 packages in 2s
59 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
Issue #, if available:
Description of changes:
Updating dependencies to address CVE-2024-41818
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Check any applicable:
[ ] Were any files moved? Moving files changes their URL, which breaks all hyperlinks to the files.
Ran np
Ran npm audit fix:
Issue #, if available:
Description of changes: Updating dependencies to address CVE-2024-41818
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Check any applicable: