a critical vulnerable reported during the npm #1182
Comments
|
I would like to work on this, can you assign this to me |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
{{ message }}
npm audit fix
npm WARN audit fix bsock@0.1.11 node_modules/bsock
npm WARN audit fix bsock@0.1.11 is a bundled dependency of
npm WARN audit fix bsock@0.1.11 bcoin@2.2.0 at
npm WARN audit fix bsock@0.1.11 It cannot be fixed automatically.
npm WARN audit fix bsock@0.1.11 Check for updates to the bcoin package.
npm WARN audit fix bweb@0.1.9 node_modules/bweb
npm WARN audit fix bweb@0.1.9 is a bundled dependency of
npm WARN audit fix bweb@0.1.9 bcoin@2.2.0 at
npm WARN audit fix bweb@0.1.9 It cannot be fixed automatically.
npm WARN audit fix bweb@0.1.9 Check for updates to the bcoin package.
npm WARN audit fix bcurl@0.1.10 node_modules/bcurl
npm WARN audit fix bcurl@0.1.10 is a bundled dependency of
npm WARN audit fix bcurl@0.1.10 bcoin@2.2.0 at
npm WARN audit fix bcurl@0.1.10 It cannot be fixed automatically.
npm WARN audit fix bcurl@0.1.10 Check for updates to the bcoin package.
up to date, audited 31 packages in 6s
npm audit report
bsock *
Severity: critical
bsock uses weak hashing algorithms - GHSA-jj93-39pf-7mcf
No fix available
node_modules/bsock
bcurl >=0.0.1
Depends on vulnerable versions of bsock
node_modules/bcurl
bweb >=0.0.1
Depends on vulnerable versions of bsock
node_modules/bweb
3 critical severity vulnerabilities
Some issues need review, and may require choosing
a different dependency.
The text was updated successfully, but these errors were encountered: