You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 6, 2023. It is now read-only.
node-fetch <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8
Denial of Service - https://npmjs.com/advisories/1556
fix available via npm audit fix --force
Will install [email protected], which is outside the stated dependency range
node_modules/@ampproject/toolbox-optimizer/node_modules/node-fetch
node_modules/cross-fetch/node_modules/node-fetch
@ampproject/toolbox-optimizer 2.5.0-alpha.0 - 2.7.1-alpha.0
Depends on vulnerable versions of cross-fetch
Depends on vulnerable versions of node-fetch
node_modules/@ampproject/toolbox-optimizer
next 9.2.1-canary.0 - 10.0.7-canary.8
Depends on vulnerable versions of @ampproject/toolbox-optimizer
Depends on vulnerable versions of resolve-url-loader
node_modules/next
cross-fetch <=3.0.5
Depends on vulnerable versions of node-fetch
node_modules/cross-fetch
@ampproject/toolbox-validator-rules <=2.5.4
Depends on vulnerable versions of cross-fetch
node_modules/@ampproject/toolbox-validator-rules
object-path < 0.11.5
Severity: high
Prototype Pollution - https://npmjs.com/advisories/1573
fix available via npm audit fix --force
Will install [email protected], which is outside the stated dependency range
node_modules/object-path
adjust-sourcemap-loader 0.1.0 - 2.0.0
Depends on vulnerable versions of object-path
node_modules/adjust-sourcemap-loader
resolve-url-loader 0.0.1-experiment-postcss || 2.0.0 - 3.1.1 || 4.0.0-alpha.1
Depends on vulnerable versions of adjust-sourcemap-loader
node_modules/resolve-url-loader
next 9.2.1-canary.0 - 10.0.7-canary.8
Depends on vulnerable versions of @ampproject/toolbox-optimizer
Depends on vulnerable versions of resolve-url-loader
node_modules/next
9 vulnerabilities (5 low, 4 high)
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When initializing the project I get notified of 4 high vuln. Full audit report:
➜ npm audit
npm audit report
ini <1.3.6
Prototype Pollution - https://npmjs.com/advisories/1589
fix available via
npm audit fix
node_modules/ini
node-fetch <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8
Denial of Service - https://npmjs.com/advisories/1556
fix available via
npm audit fix --force
Will install [email protected], which is outside the stated dependency range
node_modules/@ampproject/toolbox-optimizer/node_modules/node-fetch
node_modules/cross-fetch/node_modules/node-fetch
@ampproject/toolbox-optimizer 2.5.0-alpha.0 - 2.7.1-alpha.0
Depends on vulnerable versions of cross-fetch
Depends on vulnerable versions of node-fetch
node_modules/@ampproject/toolbox-optimizer
next 9.2.1-canary.0 - 10.0.7-canary.8
Depends on vulnerable versions of @ampproject/toolbox-optimizer
Depends on vulnerable versions of resolve-url-loader
node_modules/next
cross-fetch <=3.0.5
Depends on vulnerable versions of node-fetch
node_modules/cross-fetch
@ampproject/toolbox-validator-rules <=2.5.4
Depends on vulnerable versions of cross-fetch
node_modules/@ampproject/toolbox-validator-rules
object-path < 0.11.5
Severity: high
Prototype Pollution - https://npmjs.com/advisories/1573
fix available via
npm audit fix --force
Will install [email protected], which is outside the stated dependency range
node_modules/object-path
adjust-sourcemap-loader 0.1.0 - 2.0.0
Depends on vulnerable versions of object-path
node_modules/adjust-sourcemap-loader
resolve-url-loader 0.0.1-experiment-postcss || 2.0.0 - 3.1.1 || 4.0.0-alpha.1
Depends on vulnerable versions of adjust-sourcemap-loader
node_modules/resolve-url-loader
next 9.2.1-canary.0 - 10.0.7-canary.8
Depends on vulnerable versions of @ampproject/toolbox-optimizer
Depends on vulnerable versions of resolve-url-loader
node_modules/next
9 vulnerabilities (5 low, 4 high)
The text was updated successfully, but these errors were encountered: