workflow_pdf_converter
workflow_pdf_converter copied to clipboard
nextcloud
[master] Fix npm audit
Audit report
This audit fix resolves 8 of the total 14 vulnerabilities found in your project.
Updated dependencies
- @nextcloud/axios
- @nextcloud/vue
- @vue/component-compiler-utils
- axios
- create-ecdh
- fast-xml-parser
- postcss
- vue-loader
Fixed vulnerabilities
@nextcloud/axios #
- Caused by vulnerable dependency:
- axios
- Affected versions: <=2.3.0
- Package usage:
node_modules/@nextcloud/axios
@nextcloud/vue #
- Caused by vulnerable dependency:
- @nextcloud/axios
- Affected versions: <=6.0.0-beta.8
- Package usage:
node_modules/@nextcloud/vue
@vue/component-compiler-utils #
- Caused by vulnerable dependency:
- postcss
- Affected versions: *
- Package usage:
node_modules/@vue/component-compiler-utils
axios #
- Axios Cross-Site Request Forgery Vulnerability
- Severity: moderate (CVSS 6.5)
- Reference: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
- Affected versions: 0.8.1 - 0.27.2
- Package usage:
node_modules/axios
create-ecdh #
- Caused by vulnerable dependency:
- elliptic
- Affected versions: >=2.0.1
- Package usage:
node_modules/create-ecdh
fast-xml-parser #
- fast-xml-parser vulnerable to ReDOS at currency parsing
- Severity: high (CVSS 7.5)
- Reference: https://github.com/advisories/GHSA-mpg4-rc92-vx8v
- Affected versions: <4.4.1
- Package usage:
node_modules/fast-xml-parser
postcss #
- PostCSS line return parsing error
- Severity: moderate (CVSS 5.3)
- Reference: https://github.com/advisories/GHSA-7fh5-64p2-3v2j
- Affected versions: <8.4.31
- Package usage:
node_modules/@vue/component-compiler-utils/node_modules/postcss
vue-loader #
- Caused by vulnerable dependency:
- @vue/component-compiler-utils
- Affected versions: 15.0.0-beta.1 - 15.11.1
- Package usage:
node_modules/vue-loader
