Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

npm audit found vulnerabilities #17

Closed
github-actions bot opened this issue Nov 20, 2021 · 23 comments · Fixed by #18
Closed

npm audit found vulnerabilities #17

github-actions bot opened this issue Nov 20, 2021 · 23 comments · Fixed by #18
Labels
waiting-for-third-party

Comments

@github-actions
Copy link
Contributor 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.
@boly38
Copy link
Owner

boly38 commented Nov 20, 2021

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

8 similar comments
@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/json-schema
  jsprim  0.3.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim
    http-signature  1.0.0 - 1.3.5
    Depends on vulnerable versions of jsprim
    node_modules/http-signature
      request  >=2.66.0
      Depends on vulnerable versions of http-signature
      node_modules/request
        dropbox-v2-api  *
        Depends on vulnerable versions of request
        node_modules/dropbox-v2-api

5 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

12 similar comments
@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 1, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 2, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 3, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 4, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 5, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 6, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 7, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 8, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author

github-actions bot commented Dec 9, 2021 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

@github-actions
Copy link
Contributor Author 

# npm audit report

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

2 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

boly38 added a commit that referenced this issue Dec 12, 2021
@boly38
Fix #17 npm update fixing npm audit
1fa33a8
@boly38 boly38 mentioned this issue Dec 12, 2021
Merged
boly38 added a commit that referenced this issue Dec 12, 2021
@boly38
Fix #17 npm update fixing npm audit
acebf5a
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
waiting-for-third-party
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix #17 npm update fixing npm audit boly38/drobadi
1 participant
@boly38