twofactor_totp
twofactor_totp copied to clipboard

Published 20 hours ago •

Reame
Issues

[stable28] Fix npm audit

Open nextcloud-command opened this issue 1 year ago • 1 comments

Audit report

This audit fix resolves 6 of the total 8 vulnerabilities found in your project.

Updated dependencies

@vue/component-compiler-utils
@vue/test-utils
micromatch
postcss
vue-loader
vue-template-compiler

Fixed vulnerabilities

@vue/component-compiler-utils #

Caused by vulnerable dependency:
- postcss
Affected versions: *
Package usage:
- node_modules/@vue/component-compiler-utils

@vue/test-utils #

Caused by vulnerable dependency:
- vue-template-compiler
Affected versions: <=1.3.6
Package usage:
- node_modules/@vue/test-utils

micromatch #

Regular Expression Denial of Service (ReDoS) in micromatch
Severity: moderate
Reference: https://github.com/advisories/GHSA-952p-6rrq-rcjv
Affected versions: <4.0.8
Package usage:
- node_modules/micromatch

postcss #

PostCSS line return parsing error
Severity: moderate (CVSS 5.3)
Reference: https://github.com/advisories/GHSA-7fh5-64p2-3v2j
Affected versions: <8.4.31
Package usage:
- node_modules/@vue/component-compiler-utils/node_modules/postcss

vue-loader #

Caused by vulnerable dependency:
- @vue/component-compiler-utils
Affected versions: 15.0.0-beta.1 - 15.11.1
Package usage:
- node_modules/vue-loader

vue-template-compiler #

vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)
Severity: moderate (CVSS 4.2)
Reference: https://github.com/advisories/GHSA-g3ch-rx76-35fx
Affected versions: >=2.0.0
Package usage:
- node_modules/vue-template-compiler

Aug 25 '24 03:08 nextcloud-command