Running npm install to install 15.0.10 reports 7 critical severity vulnerabilities #13010
mwoodpatrick
started this conversation in
Polls
Replies: 1 comment
-
|
It is already fixed by #13021 and will be released in the next version |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
On running npm install to install 15.0.10 reports 7 critical severity vulnerabilities npm reports 7 critical severity vulnerabilities, should I be concerned? Should I run "npm audit fix --force"? On running
npm audit
npm audit report
loader-utils <2.0.3
Severity: critical
Prototype pollution in webpack loader-utils - GHSA-76p3-8jx3-jpfq
fix available via
npm audit fix --forceWill install @nrwl/[email protected], which is a breaking change
node_modules/@nrwl/remix/node_modules/loader-utils
node_modules/@nrwl/webpack/node_modules/loader-utils
@nrwl/webpack *
Depends on vulnerable versions of loader-utils
node_modules/@nrwl/remix/node_modules/@nrwl/webpack
node_modules/@nrwl/webpack
@nrwl/next 12.0.2 || 12.0.5 || 14.7.6-beta.0 - 15.0.10
Depends on vulnerable versions of @nrwl/react
Depends on vulnerable versions of @nrwl/webpack
node_modules/@nrwl/next
@nrwl/node 14.7.6-beta.0 - 15.0.10
Depends on vulnerable versions of @nrwl/webpack
node_modules/@nrwl/node
@nrwl/express 12.0.2 || 12.0.5 || 14.7.6-beta.0 - 15.0.10
Depends on vulnerable versions of @nrwl/node
node_modules/@nrwl/express
@nrwl/react 12.0.2 || 12.0.5 || 14.7.6-beta.0 - 15.0.10
Depends on vulnerable versions of @nrwl/web
Depends on vulnerable versions of @nrwl/webpack
node_modules/@nrwl/react
node_modules/@nrwl/remix/node_modules/@nrwl/react
@nrwl/web 14.7.6-beta.0 - 15.0.10
Depends on vulnerable versions of @nrwl/webpack
node_modules/@nrwl/remix/node_modules/@nrwl/web
node_modules/@nrwl/web
7 critical severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
1 vote ·
Beta Was this translation helpful? Give feedback.
All reactions