Frontend dependencies show vulnerabilities #28369
Unanswered
lclerigues
asked this question in
Q&A / Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
After having problems initalizing superset (master, pulled on 03 of May) I tired the solutions showcased in #17076 and had this pop up after the npm install
audit fix revealed 44 vulnerabilities (4 low, 12 moderate, 27 high, 1 critical) that werent fixable ( 24 high, 1 critical werent even by --force)
the critical being:
and the high:
node-fetch <=2.6.6 : node-fetch forwards secure headers to untrusted sites / The
size
option isn't honored after following a redirect in node-fetchxlsx * : Prototype Pollution in sheetJS / SheetJS Regular Expression Denial of Service (ReDoS)
d3-color <3.1.0 : d3-color vulnerable to ReDoS
should I be worried? specially about the malware?
Beta Was this translation helpful? Give feedback.
All reactions