node-virustotal
node-virustotal copied to clipboard
Published
20 hours ago •
natewatson999
natewatson999
Improper Privilege Management in shelljs
I am getting high vulnerabilities issue. with the latest package 3.35.0. Node Version: 16.18.0
shelljs <0.8.5
Severity: high
Improper Privilege Management in shelljs - https://github.com/advisories/GHSA-4rq4-32rv-6wp6
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/shelljs
node-virustotal >=2.0.9
Depends on vulnerable versions of shelljs
node_modules/node-virustotal
When I installed [email protected] then again got the same issue.
tar <=4.4.17
Severity: high
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization - https://github.com/advisories/GHSA-5955-9wpr-37jh
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links - https://github.com/advisories/GHSA-9r2w-394v-53qc
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization - https://github.com/advisories/GHSA-3jfq-g458-7qm9
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning - https://github.com/advisories/GHSA-r628-mhmh-qjhw
fix available via `npm audit fix --force`
Will install [email protected], which is outside the stated dependency range
node_modules/tar
node-virustotal 0.4.7 - 3.18.0
Depends on vulnerable versions of emailjs
Depends on vulnerable versions of tar
node_modules/node-virustotal
When I installed [email protected] then again got the same issue.
shelljs <0.8.5
Severity: high
Improper Privilege Management in shelljs - https://github.com/advisories/GHSA-4rq4-32rv-6wp6
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/shelljs
node-virustotal >=0.5.4
Depends on vulnerable versions of emailjs
Depends on vulnerable versions of shelljs
node_modules/node-virustotal
