har-validator @0.1.31- npm warning: xmldom@0.1.31: Deprecated due to CVE-2021-21366 resolved in 0.5.0
querystring@0.2.0: - npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
YasharF
commented
1 year ago
Maintenance of node-quickbooks has been sporty. It is using deprecated and vulnerable dependenies:
requestjs - reported to the maintainer over three years ago https://github.com/mcohen01/node-quickbooks/issues/157 ; known moderate vulnerability CVE-2023-28155 https://github.com/request/request/issues/3442
jxon - unmaintained, knwon vulnerability thru xmldom: Misinterpretation of malicious XML input https://github.com/advisories/GHSA-h6q6-9hqw-rwfv
tough-cookie - tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
har-validator @0.1.31- npm warning: xmldom@0.1.31: Deprecated due to CVE-2021-21366 resolved in 0.5.0
querystring@0.2.0: - npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.