xboxlive-auth The dependency Axios has a security breach

The dependency Axios has a security breach

Open AwesomeCap opened this issue 1 year ago • 1 comments

axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx No fix available node_modules/@xboxreplay/xboxlive-auth/node_modules/axios node_modules/prismarine-auth/node_modules/axios @xboxreplay/xboxlive-auth >=3.0.1 Depends on vulnerable versions of axios

Nov 16 '23 21:11 AwesomeCap

Hello, As the axios syntax hasn't changed, you can just look for "node_modules/@xboxreplay/xboxlive-auth" and replace the axios dependency version from ^0.21.1 to >=0.21.1, so it will select the most recent version

Mar 31 '24 09:03 amolinarius

xboxlive-auth xboxlive-auth copied to clipboard

The dependency Axios has a security breach

xboxlive-auth
xboxlive-auth copied to clipboard