generated from hmcts/expressjs-template
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
60f5919
commit b16656e
Showing
1 changed file
with
13 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,13 @@ | ||
{"actions":[],"advisories":{},"muted":[],"metadata":{"vulnerabilities":{"info":0,"low":0,"moderate":0,"high":0,"critical":0},"dependencies":471,"devDependencies":2,"optionalDependencies":0,"totalDependencies":473}} | ||
{"value":"@npmcli/move-file","children":{"ID":"@npmcli/move-file (deprecation)","Issue":"This functionality has been moved to @npmcli/fs","Severity":"moderate","Vulnerable Versions":"2.0.1","Tree Versions":["2.0.1"],"Dependents":["cacache@npm:16.1.3"]}} | ||
{"value":"are-we-there-yet","children":{"ID":"are-we-there-yet (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"3.0.1","Tree Versions":["3.0.1"],"Dependents":["npmlog@npm:6.0.2"]}} | ||
{"value":"body-parser","children":{"ID":1099520,"Issue":"body-parser vulnerable to denial of service when url encoding is enabled","URL":"https://github.com/advisories/GHSA-qwcr-r2fm-qrc7","Severity":"high","Vulnerable Versions":"<1.20.3","Tree Versions":["1.20.2"],"Dependents":["cui-ra@workspace:."]}} | ||
{"value":"csurf","children":{"ID":"csurf (deprecation)","Issue":"Please use another csrf package","Severity":"moderate","Vulnerable Versions":"1.11.0","Tree Versions":["1.11.0"],"Dependents":["cui-ra@workspace:."]}} | ||
{"value":"express","children":{"ID":1099529,"Issue":"express vulnerable to XSS via response.redirect()","URL":"https://github.com/advisories/GHSA-qw6h-vgh9-j6wx","Severity":"moderate","Vulnerable Versions":"<4.20.0","Tree Versions":["4.19.2"],"Dependents":["cui-ra@workspace:."]}} | ||
{"value":"gauge","children":{"ID":"gauge (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"4.0.4","Tree Versions":["4.0.4"],"Dependents":["npmlog@npm:6.0.2"]}} | ||
{"value":"glob","children":{"ID":"glob (deprecation)","Issue":"Glob versions prior to v9 are no longer supported","Severity":"moderate","Vulnerable Versions":"8.1.0","Tree Versions":["8.1.0"],"Dependents":["cacache@npm:16.1.3"]}} | ||
{"value":"inflight","children":{"ID":"inflight (deprecation)","Issue":"This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.","Severity":"moderate","Vulnerable Versions":"1.0.6","Tree Versions":["1.0.6"],"Dependents":["glob@npm:7.2.3"]}} | ||
{"value":"npmlog","children":{"ID":"npmlog (deprecation)","Issue":"This package is no longer supported.","Severity":"moderate","Vulnerable Versions":"6.0.2","Tree Versions":["6.0.2"],"Dependents":["node-gyp@npm:9.1.0"]}} | ||
{"value":"path-to-regexp","children":{"ID":1099519,"Issue":"path-to-regexp outputs backtracking regular expressions","URL":"https://github.com/advisories/GHSA-9wv6-86v2-598j","Severity":"high","Vulnerable Versions":"<0.1.10","Tree Versions":["0.1.7"],"Dependents":["express@npm:4.19.2"]}} | ||
{"value":"rimraf","children":{"ID":"rimraf (deprecation)","Issue":"Rimraf versions prior to v4 are no longer supported","Severity":"moderate","Vulnerable Versions":"3.0.2","Tree Versions":["3.0.2"],"Dependents":["node-gyp@npm:9.1.0"]}} | ||
{"value":"send","children":{"ID":1099525,"Issue":"send vulnerable to template injection that can lead to XSS","URL":"https://github.com/advisories/GHSA-m6fv-jmcg-4jfg","Severity":"moderate","Vulnerable Versions":"<0.19.0","Tree Versions":["0.18.0"],"Dependents":["express@npm:4.19.2"]}} | ||
{"value":"serve-static","children":{"ID":1099527,"Issue":"serve-static vulnerable to template injection that can lead to XSS","URL":"https://github.com/advisories/GHSA-cm22-4g7w-348p","Severity":"moderate","Vulnerable Versions":"<1.16.0","Tree Versions":["1.15.0"],"Dependents":["express@npm:4.19.2"]}} |