-
Notifications
You must be signed in to change notification settings - Fork 20
Expand file tree
/
Copy pathaudit-output.txt
More file actions
62 lines (62 loc) · 2.81 KB
/
audit-output.txt
File metadata and controls
62 lines (62 loc) · 2.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
├─ [38;5;166m@types/[39m[38;5;173mdiff[39m
│ ├─ ID: [38;5;111m@types/diff (deprecation)[39m
│ ├─ Issue: This is a stub types definition. diff provides its own type definitions, so you do not need this installed.
│ ├─ Severity: moderate
│ ├─ Vulnerable Versions: [38;5;37m8.0.0[39m
│ │
│ ├─ Tree Versions
│ │ └─ [38;5;111m8.0.0[39m
│ │
│ └─ Dependents
│ └─ [38;5;166m@agentmark-ai/[39m[38;5;173mui-components[39m[38;5;111m@[39m[38;5;111mworkspace:packages/ui-components[39m
│
├─ [38;5;173mai[39m
│ ├─ ID: [38;5;220m1111095[39m
│ ├─ Issue: Vercel’s AI SDK's filetype whitelists can be bypassed when uploading files
│ ├─ URL: [38;5;170mhttps://github.com/advisories/GHSA-rwvc-j5jr-mgvh[39m
│ ├─ Severity: low
│ ├─ Vulnerable Versions: [38;5;37m<5.0.52[39m
│ │
│ ├─ Tree Versions
│ │ └─ [38;5;111m4.3.19[39m
│ │
│ └─ Dependents
│ ├─ [38;5;166m@agentmark-ai/[39m[38;5;173mai-sdk-v4-adapter[39m[38;5;111m@[39m[38;5;111mworkspace:packages/ai-sdk-v4-adapter[39m
│ └─ [38;5;166m@mastra/[39m[38;5;173mcore[39m[38;5;111m@[39m[38;5;111mnpm:0.13.2 [e812c][39m
│
├─ [38;5;173majv[39m
│ ├─ ID: [38;5;220m1113714[39m
│ ├─ Issue: ajv has ReDoS when using `$data` option
│ ├─ URL: [38;5;170mhttps://github.com/advisories/GHSA-2g4f-4pwh-qvx6[39m
│ ├─ Severity: moderate
│ ├─ Vulnerable Versions: [38;5;37m<6.14.0[39m
│ │
│ ├─ Tree Versions
│ │ └─ [38;5;111m6.12.6[39m
│ │
│ └─ Dependents
│ └─ [38;5;173meslint[39m[38;5;111m@[39m[38;5;111mnpm:9.39.2 [f9974][39m
│
├─ [38;5;173mglob[39m
│ ├─ ID: [38;5;111mglob (deprecation)[39m
│ ├─ Issue: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
│ ├─ Severity: moderate
│ ├─ Vulnerable Versions: [38;5;37m10.5.0[39m
│ │
│ ├─ Tree Versions
│ │ └─ [38;5;111m10.5.0[39m
│ │
│ └─ Dependents
│ └─ [38;5;173mshelljs[39m[38;5;111m@[39m[38;5;111mnpm:0.8.5[39m
│
└─ [38;5;173mprebuild-install[39m
├─ ID: [38;5;111mprebuild-install (deprecation)[39m
├─ Issue: No longer maintained. Please contact the author of the relevant native addon; alternatives are available.
├─ Severity: moderate
├─ Vulnerable Versions: [38;5;37m7.1.3[39m
│
├─ Tree Versions
│ └─ [38;5;111m7.1.3[39m
│
└─ Dependents
└─ [38;5;173mbetter-sqlite3[39m[38;5;111m@[39m[38;5;111mnpm:12.6.2[39m