I have noticed that this package is using a vulnerable firebase-admin version. firebase-admin version and its peer dependencies currently used in nuxt/firebase are responsible for multiple critical vulnerabilities.
If you run npm audit you'll find these CVE's being referenced:
Version @nuxtjs/firebase: 8.2.2
Hi! 👋
I have noticed that this package is using a vulnerable
firebase-admin
version. firebase-admin version and its peer dependencies currently used in nuxt/firebase are responsible for multiple critical vulnerabilities.If you run
npm audit
you'll find these CVE's being referenced:https://github.com/advisories/GHSA-4g6q-77j7-vvjc https://github.com/advisories/GHSA-h755-8qp9-cq85
I want to propose updating firebase-admin to
12.1.0
This issue body was partially generated by patch-package.