browser-image-resizer icon indicating copy to clipboard operation
browser-image-resizer copied to clipboard

Published 20 hours ago verified publisher icon ericnograles

BUG: It depends on vulnerable versions of exifreader, forcing the fix to version 2.0.1 breaks the lib.

Open kabapy opened this issue 2 years ago • 0 comments

npm audit report

xmldom * Severity: moderate Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-h6q6-9hqw-rwfv fix available via npm audit fix --force Will install [email protected], which is a breaking change node_modules/xmldom exifreader 2.7.0 - 3.16.0 Depends on vulnerable versions of xmldom node_modules/exifreader browser-image-resizer >=2.1.0 Depends on npm audit report

xmldom * Severity: moderate Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-h6q6-9hqw-rwfv fix available via npm audit fix --force Will install [email protected], which is a breaking change node_modules/xmldom exifreader 2.7.0 - 3.16.0 Depends on vulnerable versions of xmldom node_modules/exifreader browser-image-resizer >=2.1.0 Depends on vulnerable versions of exifreader node_modules/browser-image-resizer

3 vulnerabilities (2 low, 1 moderate) node_modules/browser-image-resizer

3 vulnerabilities (2 low, 1 moderate)

here is a listing of all installed packages:

+-- @quasar/[email protected] +-- @quasar/[email protected] +-- @vueuse/[email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] +-- [email protected] `-- [email protected]

kabapy avatar Aug 23 '22 16:08 kabapy