create-guten-block icon indicating copy to clipboard operation
create-guten-block copied to clipboard

Published 20 hours ago • verified publisher icon ahmadawais

found 2 low severity vulnerabilities

Open Suzakura opened this issue 4 years ago • 1 comments

Bug Report

                       === npm audit security report ===

                                 Manual Review
             Some vulnerabilities require your attention to resolve
          Visit https://go.npm.me/audit-guide for additional guidance


  Low             Denial of Service
  Package         mem
  Patched in      >=4.0.0
  Dependency of   cgb-scripts [dev]
  Path            cgb-scripts > webpack > yargs > os-locale > mem
  More info       https://npmjs.com/advisories/1084

  Low             Prototype Pollution
  Package         yargs-parser
  Patched in      >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2
  Dependency of   cgb-scripts [dev]
  Path            cgb-scripts > webpack > yargs > yargs-parser
  More info       https://npmjs.com/advisories/1500

[email protected]

I run "npm audit" it show 2 low severity vulnerabilities for cgb-scripts.

Suzakura avatar Oct 16 '20 03:10 Suzakura

Worrying about the same issue (not sure how worried I should be).

Running npm audit fix just gives a message saying manual intervention is required, apparently because of dependencies in cgb-scripts

davidfcarr avatar May 08 '21 14:05 davidfcarr