You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cross-spawn <6.0.6
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - GHSA-3xgq-45jj-v275
fix available via npm audit fix
node_modules/cross-spawn
gm >=1.23.0
Depends on vulnerable versions of cross-spawn
node_modules/gm
ip *
Severity: high
ip SSRF improper categorization in isPublic - GHSA-2p57-rm9w-gvfp
No fix available
node_modules/ip
uglify-js <=2.5.0
Severity: critical
Regular Expression Denial of Service in uglify-js - GHSA-c9f4-xj24-8jqx
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js - GHSA-34r7-q49f-h37c
No fix available
node_modules/uglify-js
socket.io-client 0.7.4 - 0.9.17
Depends on vulnerable versions of uglify-js
Depends on vulnerable versions of ws
Depends on vulnerable versions of xmlhttprequest
node_modules/socket.io-client
919.socket.io
Depends on vulnerable versions of socket.io-client
node_modules/919.socket.io
ws <=1.1.4
Severity: high
DoS due to excessively large websocket message in ws - GHSA-6663-c963-2gqg
Denial of Service in ws - GHSA-5v72-xg48-5rpm
Remote Memory Disclosure in ws - GHSA-2mhh-w6q8-5hxw
No fix available
node_modules/socket.io-client/node_modules/ws
xmlhttprequest <1.7.0
Severity: critical
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection - GHSA-h4j5-c7cj-74xg
No fix available
node_modules/xmlhttprequest
8 vulnerabilities (5 high, 3 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
The text was updated successfully, but these errors were encountered:
npm audit report show the below
root@***-signage01:/svc/pisignage-server# npm audit report
npm audit report
cross-spawn <6.0.6
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - GHSA-3xgq-45jj-v275
fix available via
npm audit fixnode_modules/cross-spawn
gm >=1.23.0
Depends on vulnerable versions of cross-spawn
node_modules/gm
ip *
Severity: high
ip SSRF improper categorization in isPublic - GHSA-2p57-rm9w-gvfp
No fix available
node_modules/ip
uglify-js <=2.5.0
Severity: critical
Regular Expression Denial of Service in uglify-js - GHSA-c9f4-xj24-8jqx
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js - GHSA-34r7-q49f-h37c
No fix available
node_modules/uglify-js
socket.io-client 0.7.4 - 0.9.17
Depends on vulnerable versions of uglify-js
Depends on vulnerable versions of ws
Depends on vulnerable versions of xmlhttprequest
node_modules/socket.io-client
919.socket.io
Depends on vulnerable versions of socket.io-client
node_modules/919.socket.io
ws <=1.1.4
Severity: high
DoS due to excessively large websocket message in ws - GHSA-6663-c963-2gqg
Denial of Service in ws - GHSA-5v72-xg48-5rpm
Remote Memory Disclosure in ws - GHSA-2mhh-w6q8-5hxw
No fix available
node_modules/socket.io-client/node_modules/ws
xmlhttprequest <1.7.0
Severity: critical
xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection - GHSA-h4j5-c7cj-74xg
No fix available
node_modules/xmlhttprequest
8 vulnerabilities (5 high, 3 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
The text was updated successfully, but these errors were encountered: