line-bot-sdk-nodejs
line-bot-sdk-nodejs copied to clipboard
1 moderate severity vulnerability found in the the sdk
Bug Report
Describe the bug 1 moderate severity vulnerability
To Reproduce
Steps to reproduce the behavior:
- npm audit
Expected behavior no severity found
Screenshots If applicable, add screenshots to help explain your problem.
Environment (please complete the following information):
- OS: Ubuntu
- Node 16
- line-bot-sdk-nodejs 7.5.0
Additional context === npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐ │ Manual Review │ │ Some vulnerabilities require your attention to resolve │ │ │ │ Visit https://go.npm.me/audit-guide for additional guidance │ └──────────────────────────────────────────────────────────────────────────────┘ ┌───────────────┬──────────────────────────────────────────────────────────────┐ │ Moderate │ file-type vulnerable to Infinite Loop via malformed MKV file │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ file-type │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=16.5.4 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ @line/bot-sdk │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ @line/bot-sdk > file-type │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://github.com/advisories/GHSA-mhxj-85r3-2x55 │ └───────────────┴──────────────────────────────────────────────────────────────┘ found 1 moderate severity vulnerability in 285 scanned packages 1 vulnerability requires manual review. See the full report for details.