search

planetk / homebridge-netatmo

This is a homebridge plugin for several netatmo devices
Apache License 2.0
108 stars 25 forks source link

lodash minor vulnerability #81

Open mcnahum opened 5 years ago

mcnahum commented 5 years ago

I guess the package need a small update ...

found 1 low severity vulnerability
run npm audit fix to fix them, or npm audit for details
root@oznu-homebridgeV2_DEB:/homebridge# npm audit 

                   === npm audit security report ===                                                                         

                             Manual Review                                                                                   
         Some vulnerabilities require your attention to resolve                                                              

      Visit https://go.npm.me/audit-guide for additional guidance

Low Prototype Pollution

Package lodash

Patched in >=4.17.5

Dependency of homebridge-netatmo

Path homebridge-netatmo > node-cache > lodash

More info https://nodesecurity.io/advisories/577

found 1 low severity vulnerability in 12943 scanned packages
1 vulnerability requires manual review. See the full report for details.