Closed lacymorrow closed 6 years ago
Prototype Override Protection Bypass SEVERITY: HIGH Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1qs@5.1.0 https://snyk.io/vuln/npm:qs:20170213?utm_source=bithound
Prototype Override Protection Bypass SEVERITY: HIGH Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1body-parser@1.14.2qs@5.2.0 https://snyk.io/vuln/npm:qs:20170213?utm_source=bithound
Regular Expression Denial of Service (ReDoS) SEVERITY: LOW Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1debug@2.2.0ms@0.7.1 https://snyk.io/vuln/npm:ms:20170412?utm_source=bithound
Security warnings are present in many packages used by tiny-lr, please update to a secure version.
@shama would it be possible for you to do an update to resolve this security issue? It's rated high severity.
Fixed with https://github.com/gruntjs/grunt-contrib-watch/pull/543 thanks!
Prototype Override Protection Bypass SEVERITY: HIGH Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1qs@5.1.0 https://snyk.io/vuln/npm:qs:20170213?utm_source=bithound
Prototype Override Protection Bypass SEVERITY: HIGH Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1body-parser@1.14.2qs@5.2.0 https://snyk.io/vuln/npm:qs:20170213?utm_source=bithound
Regular Expression Denial of Service (ReDoS) SEVERITY: LOW Discovered in a nested dependency: grunt-contrib-watch@1.0.0tiny-lr@0.2.1debug@2.2.0ms@0.7.1 https://snyk.io/vuln/npm:ms:20170412?utm_source=bithound
Security warnings are present in many packages used by tiny-lr, please update to a secure version.