High Severity Vulnerabilty

electron-userland / electron-windows-store

:package: Turn Electron Apps into Windows AppX Packages

MIT License

678 stars 86 forks source link

High Severity Vulnerabilty #128

Closed markibanez closed 4 years ago

markibanez commented 4 years ago

Installing this package via npm resulted in a high severity vulnerability. Result of npm audit are as follows:

                       === npm audit security report ===

                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance

  High            Arbitrary File Write

  Package         decompress

  Patched in      No patch available

  Dependency of   download

  Path            download > decompress

  More info       https://npmjs.com/advisories/1217

markibanez commented 4 years ago

My bad. The report was not for this package.