npm audit finds 7 vulnerabilities (1 low, 5 moderate, 1 high) #39

wanton7 · 2019-01-13T15:47:49Z

npm audit returns following vulnerabilities for marko-starter 2.0.4.

                       === npm audit security report ===


                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance


  High            Regular Expression Denial of Service

  Package         fresh

  Patched in      >= 0.5.2

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-generic-server > send > fresh

  More info       https://nodesecurity.io/advisories/526


  Moderate        Prototype pollution

  Package         hoek

  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-lasso > lasso-less > less >
                  request > hawk > boom > hoek

  More info       https://nodesecurity.io/advisories/566


  Moderate        Prototype pollution

  Package         hoek

  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-lasso > lasso-less > less >
                  request > hawk > cryptiles > boom > hoek

  More info       https://nodesecurity.io/advisories/566


  Moderate        Prototype pollution

  Package         hoek

  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-lasso > lasso-less > less >
                  request > hawk > hoek

  More info       https://nodesecurity.io/advisories/566


  Moderate        Prototype pollution

  Package         hoek

  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-lasso > lasso-less > less >
                  request > hawk > sntp > hoek

  More info       https://nodesecurity.io/advisories/566


  Moderate        Regular Expression Denial of Service

  Package         mime

  Patched in      >= 1.4.1 < 2.0.0 || >= 2.0.3

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-generic-server > send > mime

  More info       https://nodesecurity.io/advisories/535


  Low             Regular Expression Denial of Service

  Package         debug

  Patched in      >= 2.6.9 < 3.0.0 || >= 3.1.0

  Dependency of   marko-starter

  Path            marko-starter > marko-starter-generic-server > send > debug

  More info       https://nodesecurity.io/advisories/534

found 7 vulnerabilities (1 low, 5 moderate, 1 high) in 3393 scanned packages

The text was updated successfully, but these errors were encountered:

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

npm audit finds 7 vulnerabilities (1 low, 5 moderate, 1 high) #39

npm audit finds 7 vulnerabilities (1 low, 5 moderate, 1 high) #39

wanton7 commented Jan 13, 2019

npm audit finds 7 vulnerabilities (1 low, 5 moderate, 1 high) #39

npm audit finds 7 vulnerabilities (1 low, 5 moderate, 1 high) #39

Comments

wanton7 commented Jan 13, 2019