Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WARNING] found 2 vulnerabilities #69

Closed
rrfaria opened this issue Jan 5, 2020 · 1 comment
Closed

[WARNING] found 2 vulnerabilities #69

rrfaria opened this issue Jan 5, 2020 · 1 comment

Comments

@rrfaria
Copy link

rrfaria commented Jan 5, 2020

=== npm audit security report ===

                            Manual Review                                                          
        Some vulnerabilities require your attention to resolve                 
                                                                                                             
     Visit https://go.npm.me/audit-guide for additional guidance

Moderate Denial of Service

│ Package │ js-yaml

│ Patched in │ >=3.13.0

│ Dependency of │ babel-plugin-inline-react-svg [dev]

│ Path │ babel-plugin-inline-react-svg > svgo > js-yaml

│ More info │ https://npmjs.com/advisories/788

│ High │ Code Injection

│ Package │ js-yaml

│ Patched in │ >=3.13.1

│ Dependency of │ babel-plugin-inline-react-svg [dev]

│ Path │ babel-plugin-inline-react-svg > svgo > js-yaml

│ More info │ https://npmjs.com/advisories/813

found 2 vulnerabilities (1 moderate, 1 high)
@ljharb
Copy link
Collaborator

ljharb commented Jan 5, 2020

These are non-problems with our usage of svgo; duplicate of #45. See #34, #35.

See also, #45 (comment) and #45 (comment)

@ljharb ljharb closed this as completed Jan 5, 2020
@ljharb ljharb mentioned this issue Jan 13, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ljharb @rrfaria