firstrunwizard icon indicating copy to clipboard operation
firstrunwizard copied to clipboard
verified publisher icon nextcloud

[stable30] Fix npm audit

Open nextcloud-command opened this issue 9 months ago • 0 comments

Audit report

This audit fix resolves 6 of the total 17 vulnerabilities found in your project.

Updated dependencies

  • @babel/helpers
  • @babel/runtime
  • @nextcloud/dialogs
  • axios
  • vite
  • vue-resize

Fixed vulnerabilities

@babel/helpers #

  • Babel has inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
  • Severity: moderate (CVSS 6.2)
  • Reference: https://github.com/advisories/GHSA-968p-4wvh-cqc8
  • Affected versions: <7.26.10
  • Package usage:
    • node_modules/@babel/helpers

@babel/runtime #

  • Babel has inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups
  • Severity: moderate (CVSS 6.2)
  • Reference: https://github.com/advisories/GHSA-968p-4wvh-cqc8
  • Affected versions: <7.26.10
  • Package usage:
    • node_modules/@babel/runtime

@nextcloud/dialogs #

  • Caused by vulnerable dependency:
    • @nextcloud/vue
    • vue
    • vue-frag
  • Affected versions: >=4.2.0-beta.1
  • Package usage:
    • node_modules/@nextcloud/dialogs

axios #

vite #

  • Caused by vulnerable dependency:
    • esbuild
  • Affected versions: 0.11.0 - 6.1.1
  • Package usage:
    • node_modules/vite

vue-resize #

  • Caused by vulnerable dependency:
    • vue
  • Affected versions: 0.4.0 - 1.0.1
  • Package usage:
    • node_modules/vue-resize

nextcloud-command avatar Mar 16 '25 03:03 nextcloud-command