NODE_GOOGLE_TRANSLATE icon indicating copy to clipboard operation
NODE_GOOGLE_TRANSLATE copied to clipboard

Published 20 hours ago verified publisher icon shikar

Found CRITICAL vulnerabilities.

Open JediMadeThis opened this issue 4 years ago • 0 comments

Version: 1.4.3

Hello, This NPM package has found CRITICAL vulnerabilities.

Logs:

High            Sandbox Breakout / Arbitrary Code Execution                   

  Package         safe-eval                                                     

  Patched in      No patch available                                            

  Dependency of   translate-google                                              

  Path            translate-google > safe-eval                                  

  More info       https://npmjs.com/advisories/1033                             


  Critical        Sandbox Breakout / Arbitrary Code Execution                   

  Package         safe-eval                                                     

  Patched in      No patch available                                            

  Dependency of   translate-google                                              

  Path            translate-google > safe-eval                                  

  More info       https://npmjs.com/advisories/1322                             

found 2 vulnerabilities (1 high, 1 critical) in 248 scanned packages
  2 vulnerabilities require manual review. See the full report for details.

JediMadeThis avatar Jan 19 '21 08:01 JediMadeThis