I wanted to report some vulnerabilities that should be fixed before this package gets out of LTS.
Here's the list:
- Gravity: high, package:
minimatch, path: loopback-component-storage > pkgcloud > liboneandone > mocha > glob > minimatch, patched in: 3.0.2
- Gravity: CRITICAL, package:
growl, path: loopback-component-storage > pkgcloud > liboneandone > mocha > growl, patched in: 1.10.2
- Gravity: Low, package:
debug, patched in 3.1.0
- Gravity: Moderate, package:
swagger-ui, fixed in 3.20
- Gravity: Low, package:
minimist, patched in: 1.2.3
- Gravity: High, package:
node-forge, patched in 0.10.0
How to reproduce
npm audit will show the vulnerabilities.
I wanted to report some vulnerabilities that should be fixed before this package gets out of LTS.
Here's the list:
minimatch, path:loopback-component-storage > pkgcloud > liboneandone > mocha > glob > minimatch, patched in:3.0.2growl, path:loopback-component-storage > pkgcloud > liboneandone > mocha > growl, patched in:1.10.2debug, patched in3.1.0swagger-ui, fixed in3.20minimist, patched in:1.2.3node-forge, patched in0.10.0How to reproduce
npm auditwill show the vulnerabilities.