You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello
Whenever I am running npm install, I am getting critical severity vulnerabilities. npm audit fix --force rollback express-sharp to 3.1.1, however, it again shows vulnerabilities there for other packages. Currently, I am in a loop and cannot solve this. Can someone please help me here to solve this?
Any help or guidance is much appreciated. Thanks in advance.
Error when express-sharp 4.2.41 is used:
class-validator <0.14.0
Severity: critical
SQL Injection and Cross-site Scripting in class-validator - https://github.com/advisories/GHSA-fj58-h2fr-3pp2
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/class-validator
express-sharp >=4.0.1
Depends on vulnerable versions of class-validator
node_modules/express-sharp
2 critical severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Error when express-sharp 3.1.1 is used:
# npm audit report
got <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/got
express-sharp <=4.2.40
Depends on vulnerable versions of express-validator
Depends on vulnerable versions of got
Depends on vulnerable versions of sharp
node_modules/express-sharp
sharp <0.30.5
Severity: moderate
sharp vulnerable to Command Injection in post-installation over build environment - https://github.com/advisories/GHSA-gp95-ppv5-3jc5
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/sharp
validator <13.7.0
Severity: moderate
Inefficient Regular Expression Complexity in validator.js - https://github.com/advisories/GHSA-qgmg-gppg-76g5
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/express-sharp/node_modules/validator
express-validator 0.2.0 - 6.4.1
Depends on vulnerable versions of validator
node_modules/express-sharp/node_modules/express-validator
5 moderate severity vulnerabilities
The text was updated successfully, but these errors were encountered:
Hello
Whenever I am running npm install, I am getting critical severity vulnerabilities. npm audit fix --force rollback express-sharp to 3.1.1, however, it again shows vulnerabilities there for other packages. Currently, I am in a loop and cannot solve this. Can someone please help me here to solve this?
Any help or guidance is much appreciated. Thanks in advance.
Error when express-sharp 4.2.41 is used:
Error when express-sharp 3.1.1 is used:
The text was updated successfully, but these errors were encountered: