Closed MarkLyck closed 2 years ago
The following 3 vulnerabilities are detected by snyk.io when installing gitmoji-changelog.
These are introduced by outdated third party libraries: libnpm & yargs
libnpm
yargs
These vulnerabilities have been fixed in newer versions of the packages. They should be updated.
Hi @MarkLyck thank you for opening this issue 👍 You would like to open a pull request that updates these dependencies?
Fixed in #230
The following 3 vulnerabilities are detected by snyk.io when installing gitmoji-changelog.
These are introduced by outdated third party libraries:
libnpm
&yargs
Insertion of Sensitive Information into Log File
Prototype Pollution
Denial of Service (DoS)
These vulnerabilities have been fixed in newer versions of the packages. They should be updated.