Closed dependasec[bot] closed 2 years ago
检测到 bahmutov/local-cypress 一共引入了331个开源组件,存在1个漏洞
漏洞标题:ansi-regex 安全漏洞 缺陷组件:ansi-regex@5.0.0 漏洞编号:CVE-2021-3807 漏洞描述:Ansi-Regex是用于匹配ANSI 转义码的正则表达式。 ansi-regex 存在安全漏洞,该漏洞源于易受低效正则表达式复杂性的影响。 影响范围:(2.1.1, 5.0.1) 最小修复版本:5.0.1 缺陷组件引入路径:local-cypress@0.0.0-development->semantic-release@19.0.2->yargs@16.2.0->string-width@4.2.0->strip-ansi@6.0.0->ansi-regex@5.0.0 local-cypress@0.0.0-development->semantic-release@19.0.2->yargs@16.2.0->cliui@7.0.4->strip-ansi@6.0.0->ansi-regex@5.0.0 local-cypress@0.0.0-development->cypress@9.5.2->cli-table3@0.6.1->string-width@4.2.0->strip-ansi@6.0.0->ansi-regex@5.0.0 local-cypress@0.0.0-development->cypress@9.5.2->listr2@3.14.0->wrap-ansi@7.0.0->strip-ansi@6.0.0->ansi-regex@5.0.0
另外还有几个漏洞,详细报告:https://mofeisec.com/jr?p=a743f6
检测到 bahmutov/local-cypress 一共引入了331个开源组件,存在1个漏洞
另外还有几个漏洞,详细报告:https://mofeisec.com/jr?p=a743f6