Commit
npm audit report

body-parser <1.20.3
Severity: high
body-parser vulnerable to denial of service when url encoding is enabled - GHSA-qwcr-r2fm-qrc7
fix available via `npm audit fix --force`
Will install [email protected], which is outside the stated dependency range
node_modules/body-parser
  express <=4.21.0 || 5.0.0-alpha.1 - 5.0.0
  Depends on vulnerable versions of body-parser
  Depends on vulnerable versions of cookie
  Depends on vulnerable versions of path-to-regexp
  Depends on vulnerable versions of send
  Depends on vulnerable versions of serve-static
  node_modules/express

cookie <0.7.0
cookie accepts cookie name, path, and domain with out of bounds characters - GHSA-pxg6-pf52-xh8x
fix available via `npm audit fix --force`
Will install [email protected], which is outside the stated dependency range
node_modules/cookie

path-to-regexp <0.1.10
Severity: high
path-to-regexp outputs backtracking regular expressions - GHSA-9wv6-86v2-598j
fix available via `npm audit fix --force`
Will install [email protected], which is outside the stated dependency range
node_modules/path-to-regexp

send <0.19.0
Severity: moderate
send vulnerable to template injection that can lead to XSS - GHSA-m6fv-jmcg-4jfg
fix available via `npm audit fix --force`
Will install [email protected], which is outside the stated dependency range
node_modules/send
  serve-static <=1.16.0
  Depends on vulnerable versions of send
  node_modules/serve-static

6 vulnerabilities (1 low, 2 moderate, 3 high)