High vulnerabilities in pouchdb-fauxton used by pouchdb-server

pouchdb / pouchdb-server

CouchDB-compatible server built on PouchDB and Node

Apache License 2.0

944 stars 155 forks source link

High vulnerabilities in pouchdb-fauxton used by pouchdb-server #441

Open joemc11 opened 3 years ago

joemc11 commented 3 years ago

Can the dependency of pouchdb-fauxton be removed or replaced. Looks like pouchdb-fauxton hasn't been updated in four years. pouchdb-fauxton uses jquery 2.2.4 and has known vulnerabilities: CVE-2015-9251, CVE-2020-11022