Open pumano opened 5 years ago
Currently trymodule contains 41 vulnerabilities (35 moderate, 6 high) due to not updated packages. @victorb please update packages.
trymodule
List of outdated packages with vulnerabilities:
Severity: Moderate Type: ReDoS Package brace-expansion Patched in >=1.1.7 Dependency of trymodule Path trymodule > npmi > npm > fs-vacuum > rimraf > glob > minimatch > brace-expansion Path trymodule > npmi > npm > fstream-npm > fstream-ignore > minimatch > brace-expansion Path trymodule > npmi > npm > node-gyp > fstream > rimraf > glob > minimatch > brace-expansion More info https://nodesecurity.io/advisories/338
Severity: Moderate Type: Prototype pollution Package hoek Patched in > 4.2.0 < 5.0.0 || >= 5.0.3 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > hawk > boom > hoek Path trymodule > npmi > npm > node-gyp > request > hawk > cryptiles > boom > hoek Path trymodule > npmi > npm > node-gyp > request > hawk > hoek Path trymodule > npmi > npm > node-gyp > request > hawk > sntp > hoek Path trymodule > npmi > npm > npm-registry-client > request > hawk > boom > hoek Path trymodule > npmi > npm > npm-registry-client > request > hawk > cryptiles > boom > hoek Path trymodule > npmi > npm > npm-registry-client > request > hawk > hoek Path trymodule > npmi > npm > npm-registry-client > request > hawk > sntp > hoek Path trymodule > npmi > npm > request > hawk > boom > hoek Path trymodule > npmi > npm > request > hawk > cryptiles > boom > hoek Path trymodule > npmi > npm > request > hawk > hoek Path trymodule > npmi > npm > request > hawk > sntp > hoek More info https://nodesecurity.io/advisories/566
Severity: High Type: Regular Expression Denial of Service Package sshpk Patched in >=1.13.2 < 1.14.0 || >=1.14.1 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > http-signature > sshpk Path trymodule > npmi > npm > npm-registry-client > request > http-signature > sshpk Path trymodule > npmi > npm > request > http-signature > sshpk More info https://nodesecurity.io/advisories/606
Severity: High Type: Regular Expression Denial of Service Package tough-cookie Patched in >=2.3.3 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > tough-cookie Path trymodule > npmi > npm > npm-registry-client > request > tough-cookie Path trymodule > npmi > npm > request > tough-cookie More info https://nodesecurity.io/advisories/525
Severity: Moderate Type: Memory Exposure Package tunnel-agent Patched in >=0.6.0 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > tunnel-agent Path trymodule > npmi > npm > npm-registry-client > request > tunnel-agent Path trymodule > npmi > npm > request > tunnel-agent More info https://nodesecurity.io/advisories/598
Severity: Moderate Type: Out-of-bounds Read Package stringstream Patched in >=0.0.6 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > stringstream Path trymodule > npmi > npm > npm-registry-client > request > stringstream Path trymodule > npmi > npm > request > stringstream More info https://nodesecurity.io/advisories/664
Currently
trymodule
contains 41 vulnerabilities (35 moderate, 6 high) due to not updated packages. @victorb please update packages.List of outdated packages with vulnerabilities:
Severity: Moderate Type: ReDoS
Package brace-expansion
Patched in >=1.1.7
Dependency of trymodule Path trymodule > npmi > npm > fs-vacuum > rimraf > glob > minimatch > brace-expansion
Path trymodule > npmi > npm > fstream-npm > fstream-ignore > minimatch > brace-expansion
Path trymodule > npmi > npm > node-gyp > fstream > rimraf > glob > minimatch > brace-expansion
More info https://nodesecurity.io/advisories/338
Severity: Moderate
Type: Prototype pollution Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > hawk > boom > hoek Path trymodule > npmi > npm > node-gyp > request > hawk > cryptiles > boom > hoek
Path trymodule > npmi > npm > node-gyp > request > hawk > hoek Path trymodule > npmi > npm > node-gyp > request > hawk > sntp > hoek
Path trymodule > npmi > npm > npm-registry-client > request > hawk > boom > hoek
Path trymodule > npmi > npm > npm-registry-client > request > hawk > cryptiles > boom > hoek
Path trymodule > npmi > npm > npm-registry-client > request > hawk > hoek
Path trymodule > npmi > npm > npm-registry-client > request > hawk > sntp > hoek
Path trymodule > npmi > npm > request > hawk > boom > hoek Path trymodule > npmi > npm > request > hawk > cryptiles > boom > hoek
Path trymodule > npmi > npm > request > hawk > hoek Path trymodule > npmi > npm > request > hawk > sntp > hoek More info https://nodesecurity.io/advisories/566
Severity: High
Type: Regular Expression Denial of Service
Package sshpk Patched in >=1.13.2 < 1.14.0 || >=1.14.1 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > http-signature > sshpk
Path trymodule > npmi > npm > npm-registry-client > request > http-signature > sshpk
Path trymodule > npmi > npm > request > http-signature > sshpk More info https://nodesecurity.io/advisories/606
Severity: High
Type: Regular Expression Denial of Service Package tough-cookie
Patched in >=2.3.3 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > tough-cookie Path trymodule > npmi > npm > npm-registry-client > request > tough-cookie
Path trymodule > npmi > npm > request > tough-cookie More info https://nodesecurity.io/advisories/525
Severity: Moderate
Type: Memory Exposure Package tunnel-agent Patched in >=0.6.0 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > tunnel-agent Path trymodule > npmi > npm > npm-registry-client > request > tunnel-agent
Path trymodule > npmi > npm > request > tunnel-agent More info https://nodesecurity.io/advisories/598
Severity: Moderate
Type: Out-of-bounds Read Package stringstream Patched in >=0.0.6 Dependency of trymodule Path trymodule > npmi > npm > node-gyp > request > stringstream Path trymodule > npmi > npm > npm-registry-client > request > stringstream Path trymodule > npmi > npm > request > stringstream More info https://nodesecurity.io/advisories/664