grunt-contrib-imagemin
grunt-contrib-imagemin copied to clipboard
Published
20 hours ago •
gruntjs
gruntjs
found 9 high severity vulnerabilities: decompress
It looks like decompress hasn't been updated since 2017. I found this alternative in another thread.
I get the following audit report with 6 vulnerabilities:
=== npm audit security report ===
# Run npm update decompress --depth 6 to resolve 6 vulnerabilities
High Arbitrary File Write
Package decompress
Dependency of grunt-contrib-imagemin [dev]
Path grunt-contrib-imagemin > imagemin-jpegtran > jpegtran-bin >
bin-build > decompress
More info https://npmjs.com/advisories/1217
High Arbitrary File Write
Package decompress
Dependency of imagemin-jpegtran [dev]
Path imagemin-jpegtran > jpegtran-bin > bin-build > decompress
More info https://npmjs.com/advisories/1217
High Arbitrary File Write
Package decompress
Dependency of grunt-contrib-imagemin [dev]
Path grunt-contrib-imagemin > imagemin-jpegtran > jpegtran-bin >
bin-build > download > decompress
More info https://npmjs.com/advisories/1217
High Arbitrary File Write
Package decompress
Dependency of imagemin-jpegtran [dev]
Path imagemin-jpegtran > jpegtran-bin > bin-build > download >
decompress
More info https://npmjs.com/advisories/1217
High Arbitrary File Write
Package decompress
Dependency of grunt-contrib-imagemin [dev]
Path grunt-contrib-imagemin > imagemin-jpegtran > jpegtran-bin >
bin-wrapper > download > decompress
More info https://npmjs.com/advisories/1217
High Arbitrary File Write
Package decompress
Dependency of imagemin-jpegtran [dev]
Path imagemin-jpegtran > jpegtran-bin > bin-wrapper > download >
decompress
More info https://npmjs.com/advisories/1217
