Open CodelCZ opened 10 months ago
Severity: high Regular Expression Denial of Service in semver - https://github.com/advisories/GHSA-x6fg-f45m-jf5q semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw No fix available
Some issues need review, and may require choosing a different dependency.
Run npm audit
for details.
carlosventura@server seus-gama % npm audit
bl <=1.2.2 Severity: moderate Memory Exposure in bl - https://github.com/advisories/GHSA-wrw9-m778-g6mc Remote Memory Exposure in bl - https://github.com/advisories/GHSA-pp7h-53gx-mx7r No fix available node_modules/levelup/node_modules/bl levelup 0.9.0 - 1.0.0-5 Depends on vulnerable versions of bl Depends on vulnerable versions of semver node_modules/levelup browserify-fs * Depends on vulnerable versions of levelup node_modules/browserify-fs
The used openssl version is not the latest and contains vulnerabilities. Is it possible to update it to the latest one? Thanks.