security vulnerabilites

new10com / axios-logger

Library that should be used as axios request/response interceptor for logging request/response details

MIT License

14 stars 2 forks source link

security vulnerabilites #29

Closed xenoterracide closed 2 years ago

xenoterracide commented 2 years ago

we have this CVE

CVE-2022-21704 (Low) detected in log4js-6.3.0.tgz

  log4js@"^6.3.0" from @new10com/axios-logger@0.2.2
  node_modules/@new10com/axios-logger
    @new10com/axios-logger@"^0.2.0" from back-end@0.0.0
    back-end
      back-end@0.0.0
      node_modules/back-end
        workspace back-end from the root project
    @new10com/axios-logger@"^0.2.2" from the root project

azakordonets commented 2 years ago

Thanks, will look it up

azakordonets commented 2 years ago

I have updated log4js version to the latest 6.4.6 in the 0.2.6 version of axios-logger @xenoterracide