svg2 Fix security vulnerabilities - The package depends on vulnerable versions of jimp package

Fix security vulnerabilities - The package depends on vulnerable versions of jimp package

Open jacekkoziol opened this issue 7 months ago • 0 comments

The package depends on vulnerable versions of jimp package. The jimp should be updated.

# npm audit report

phin  <3.7.1
Severity: moderate
phin may include sensitive headers in subsequent requests after redirect - https://github.com/advisories/GHSA-x565-32qp-m3vf
No fix available
node_modules/phin
  @jimp/core  <=0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
  Depends on vulnerable versions of phin
  node_modules/@jimp/core
    @jimp/custom  <=0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
    Depends on vulnerable versions of @jimp/core
    node_modules/@jimp/custom
      jimp  0.3.6-alpha.5 - 0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
      Depends on vulnerable versions of @jimp/custom
      node_modules/jimp
        oslllo-svg2  *
        Depends on vulnerable versions of jimp
        node_modules/oslllo-svg2

5 moderate severity vulnerabilities

Jul 18 '24 11:07 jacekkoziol

svg2 svg2 copied to clipboard

Fix security vulnerabilities - The package depends on vulnerable versions of jimp package

svg2
svg2 copied to clipboard