contacts
contacts copied to clipboard
nextcloud
[stable6.0] Fix npm audit
Audit report
This audit fix resolves 6 of the total 9 vulnerabilities found in your project.
Updated dependencies
- @vue/component-compiler-utils
- axios
- elliptic
- micromatch
- postcss
- vue-loader
Fixed vulnerabilities
@vue/component-compiler-utils #
- Caused by vulnerable dependency:
- postcss
- Affected versions: *
- Package usage:
node_modules/@vue/component-compiler-utils
axios #
- Server-Side Request Forgery in axios
- Severity: high
- Reference: https://github.com/advisories/GHSA-8hc4-vh64-cxmj
- Affected versions: 1.3.2 - 1.7.3
- Package usage:
node_modules/axios
elliptic #
- Elliptic's EDDSA missing signature length check
- Severity: low (CVSS 5.3)
- Reference: https://github.com/advisories/GHSA-f7q4-pwc6-w24p
- Affected versions: 2.0.0 - 6.5.6
- Package usage:
node_modules/elliptic
micromatch #
- Regular Expression Denial of Service (ReDoS) in micromatch
- Severity: moderate
- Reference: https://github.com/advisories/GHSA-952p-6rrq-rcjv
- Affected versions: <4.0.8
- Package usage:
node_modules/micromatch
postcss #
- PostCSS line return parsing error
- Severity: moderate (CVSS 5.3)
- Reference: https://github.com/advisories/GHSA-7fh5-64p2-3v2j
- Affected versions: <8.4.31
- Package usage:
node_modules/postcss
vue-loader #
- Caused by vulnerable dependency:
- @vue/component-compiler-utils
- Affected versions: 15.0.0-beta.1 - 15.11.1
- Package usage:
node_modules/vue-loader
