2 vulnerabilities (1 moderate, 1 high)

e-oj / Fawn

Transactions for MongoDB (See the README)

https://www.npmjs.com/package/fawn

MIT License

485 stars 54 forks source link

2 vulnerabilities (1 moderate, 1 high) #85

Open hongz1 opened 4 years ago

hongz1 commented 4 years ago

Could you please update to resolve this?

Moderate Prototype Pollution
Package mpath
Patched in >=0.5.1
Dependency of fawn
Path fawn > mongoose > mpath
More info https://npmjs.com/advisories/779

High Denial of Service
Package mongodb
Patched in >=3.1.13
Dependency of fawn
Path fawn > mongoose > mongodb
More info https://npmjs.com/advisories/1203

found 2 vulnerabilities (1 moderate, 1 high) in 214 scanned packages

HeyAzhar commented 4 years ago

I think the admin doesn't care anymore.

jonasprechtl commented 3 years ago

@HeyAzhar Me too...

stavros-k commented 3 years ago

Any alternatives for 2 phase commits?