MMM-ModuleScheduler icon indicating copy to clipboard operation
MMM-ModuleScheduler copied to clipboard

Published 20 hours ago verified publisher icon ianperrin

Vulnerability Issue

Open funk0id opened this issue 1 year ago • 0 comments

2 vulnerabilities (1 moderate, 1 high) are being reported, npm audit fix returns the following...

npm audit report

minimatch <3.0.5 Severity: high minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3 fix available via npm audit fix --force Will install [email protected], which is a breaking change node_modules/minimatch mocha 5.1.0 - 9.2.1 Depends on vulnerable versions of minimatch Depends on vulnerable versions of nanoid node_modules/mocha

nanoid 3.0.0 - 3.1.30 Severity: moderate Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2 fix available via npm audit fix --force Will install [email protected], which is a breaking change node_modules/nanoid

3 vulnerabilities (1 moderate, 2 high)

To address all issues (including breaking changes), run: npm audit fix --force

funk0id avatar Jan 05 '24 12:01 funk0id