pretty-repl icon indicating copy to clipboard operation
pretty-repl copied to clipboard
verified publisher icon mongodb-js

npm audit gives 4 moderate severity vulnerabilities

Open martian17 opened this issue 3 years ago • 0 comments

npm audit output

# npm audit report

highlight.js  <=10.4.0
Severity: moderate
ReDOS vulnerabities: multiple grammars - https://github.com/advisories/GHSA-7wwv-vh3v-89cq
Prototype Pollution in highlight.js - https://github.com/advisories/GHSA-vfrc-7r7c-w9mx
No fix available
node_modules/highlight.js
  emphasize  <=4.1.0
  Depends on vulnerable versions of highlight.js
  Depends on vulnerable versions of lowlight
  node_modules/emphasize
    pretty-repl  *
    Depends on vulnerable versions of emphasize
    node_modules/pretty-repl
  lowlight  <=1.16.0
  Depends on vulnerable versions of highlight.js
  node_modules/lowlight

4 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

martian17 avatar Sep 11 '22 06:09 martian17