Closed nYCSTs closed 3 months ago
# npm audit report
bootstrap <=3.4.0
Severity: moderate
bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-ph58-4vrj-w6hr
XSS vulnerability that affects bootstrap - https://github.com/advisories/GHSA-3mgp-fx93-9xv5
Bootstrap Vulnerable to Cross-Site Scripting - https://github.com/advisories/GHSA-9v3m-8fp8-mj99
Bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-4p24-vmcr-4gqj
Bootstrap vulnerable to Cross-Site Scripting (XSS) - https://github.com/advisories/GHSA-3wqf-4x89-9g79
Bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
fix available via `npm audit fix --force`
Will install bootstrap@3.4.1, which is outside the stated dependency range
node_modules/bootstrap
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install react-scripts@3.0.1, which is a breaking change
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of resolve-url-loader
node_modules/react-scripts
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via `npm audit fix --force`
Will install react-scripts@3.0.1, which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
resolve-url-loader 0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
ws 7.0.0 - 7.5.9 || 8.0.0 - 8.17.0
Severity: high
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
fix available via `npm audit fix`
node_modules/webpack-dev-server/node_modules/ws
node_modules/ws
10 vulnerabilities (3 moderate, 7 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
# npm audit report
bootstrap <=3.4.0
Severity: moderate
bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-ph58-4vrj-w6hr
XSS vulnerability that affects bootstrap - https://github.com/advisories/GHSA-3mgp-fx93-9xv5
Bootstrap Vulnerable to Cross-Site Scripting - https://github.com/advisories/GHSA-9v3m-8fp8-mj99
Bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-4p24-vmcr-4gqj
Bootstrap vulnerable to Cross-Site Scripting (XSS) - https://github.com/advisories/GHSA-3wqf-4x89-9g79
Bootstrap Cross-site Scripting vulnerability - https://github.com/advisories/GHSA-7mvr-5x2g-wfc8
fix available via `npm audit fix --force`
Will install bootstrap@3.4.1, which is outside the stated dependency range
node_modules/bootstrap
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix --force`
Will install react-scripts@3.0.1, which is a breaking change
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of resolve-url-loader
node_modules/react-scripts
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via `npm audit fix --force`
Will install react-scripts@3.0.1, which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
resolve-url-loader 0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
ws 7.0.0 - 7.5.9 || 8.0.0 - 8.17.0
Severity: high
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
ws affected by a DoS when handling a request with many HTTP headers - https://github.com/advisories/GHSA-3h5v-q93c-6h6q
fix available via `npm audit fix`
node_modules/webpack-dev-server/node_modules/ws
node_modules/ws
10 vulnerabilities (3 moderate, 7 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Descrição
Fetch de credenciais a partir do token do usuario, visando evitar a passagem manual do parametro na url