brenoatgetmomo

Versions of uglify-js prior to 2.4.24 are affected by a vulnerability which may cause crafted JavaScript to have altered functionality after minification. Recommendation: Upgrade UglifyJS to version >= 2.4.24.

js-yaml -> gray-matter -> grunt-assemble Versions of js-yaml prior to 3.13.1 are vulnerable to Code Injection. The load() function may execute arbitrary code injected through a malicious YAML file. Objects...

braces -> micromatch -> findup-sync -> cwd -> resolve-dep -> grunt-assemble The NPM package braces fails to limit the number of characters it can handle, which could lead to Memory...

We should update consolidate dependency to its last version. There is a vulnerability in underscore used in consolidate. The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before...