forked from HHS/Head-Start-TTADP
-
Notifications
You must be signed in to change notification settings - Fork 1
/
yarn-audit-known-issues
4 lines (4 loc) · 5.7 KB
/
yarn-audit-known-issues
1
2
3
4
{"type":"auditAdvisory","data":{"resolution":{"id":1004876,"path":"sequelize>validator","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"10.11.0","paths":["sequelize>validator"]}],"metadata":null,"vulnerable_versions":"<13.7.0","module_name":"validator","severity":"moderate","github_advisory_id":"GHSA-qgmg-gppg-76g5","cves":["CVE-2021-3765"],"access":"public","patched_versions":">=13.7.0","updated":"2021-11-03T14:46:01.000Z","recommendation":"Upgrade to version 13.7.0 or later","cwe":"CWE-1333","found_by":null,"deleted":null,"id":1004876,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2021-3765\n- https://github.com/validatorjs/validator.js/commit/496fc8b2a7f5997acaaec33cc44d0b8dba5fb5e1\n- https://huntr.dev/bounties/c37e975c-21a3-4c5f-9b57-04d63b28cfc9\n- https://github.com/advisories/GHSA-qgmg-gppg-76g5","created":"2021-11-18T16:00:48.460Z","reported_by":null,"title":"Inefficient Regular Expression Complexity in validator.js","npm_advisory_id":null,"overview":"validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity","url":"https://github.com/advisories/GHSA-qgmg-gppg-76g5"}}}
{"type":"auditAdvisory","data":{"resolution":{"id":1004946,"path":"sequelize-cli>yargs>string-width>strip-ansi>ansi-regex","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.1.0","paths":["sequelize-cli>yargs>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex"]}],"metadata":null,"vulnerable_versions":">2.1.1 <5.0.1","module_name":"ansi-regex","severity":"moderate","github_advisory_id":"GHSA-93q8-gq69-wqmw","cves":["CVE-2021-3807"],"access":"public","patched_versions":">=5.0.1","updated":"2021-09-23T15:45:50.000Z","recommendation":"Upgrade to version 5.0.1 or later","cwe":"CWE-918","found_by":null,"deleted":null,"id":1004946,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2021-3807\n- https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\n- https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311\n- https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774\n- https://github.com/advisories/GHSA-93q8-gq69-wqmw","created":"2021-11-18T16:00:48.472Z","reported_by":null,"title":" Inefficient Regular Expression Complexity in chalk/ansi-regex","npm_advisory_id":null,"overview":"ansi-regex is vulnerable to Inefficient Regular Expression Complexity","url":"https://github.com/advisories/GHSA-93q8-gq69-wqmw"}}}
{"type":"auditAdvisory","data":{"resolution":{"id":1004946,"path":"sequelize-cli>yargs>cliui>string-width>strip-ansi>ansi-regex","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.1.0","paths":["sequelize-cli>yargs>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex"]}],"metadata":null,"vulnerable_versions":">2.1.1 <5.0.1","module_name":"ansi-regex","severity":"moderate","github_advisory_id":"GHSA-93q8-gq69-wqmw","cves":["CVE-2021-3807"],"access":"public","patched_versions":">=5.0.1","updated":"2021-09-23T15:45:50.000Z","recommendation":"Upgrade to version 5.0.1 or later","cwe":"CWE-918","found_by":null,"deleted":null,"id":1004946,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2021-3807\n- https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\n- https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311\n- https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774\n- https://github.com/advisories/GHSA-93q8-gq69-wqmw","created":"2021-11-18T16:00:48.472Z","reported_by":null,"title":" Inefficient Regular Expression Complexity in chalk/ansi-regex","npm_advisory_id":null,"overview":"ansi-regex is vulnerable to Inefficient Regular Expression Complexity","url":"https://github.com/advisories/GHSA-93q8-gq69-wqmw"}}}
{"type":"auditAdvisory","data":{"resolution":{"id":1004946,"path":"sequelize-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"4.1.0","paths":["sequelize-cli>yargs>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>string-width>strip-ansi>ansi-regex","sequelize-cli>yargs>cliui>wrap-ansi>string-width>strip-ansi>ansi-regex"]}],"metadata":null,"vulnerable_versions":">2.1.1 <5.0.1","module_name":"ansi-regex","severity":"moderate","github_advisory_id":"GHSA-93q8-gq69-wqmw","cves":["CVE-2021-3807"],"access":"public","patched_versions":">=5.0.1","updated":"2021-09-23T15:45:50.000Z","recommendation":"Upgrade to version 5.0.1 or later","cwe":"CWE-918","found_by":null,"deleted":null,"id":1004946,"references":"- https://nvd.nist.gov/vuln/detail/CVE-2021-3807\n- https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9\n- https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-924086311\n- https://app.snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908\n- https://github.com/chalk/ansi-regex/issues/38#issuecomment-925924774\n- https://github.com/advisories/GHSA-93q8-gq69-wqmw","created":"2021-11-18T16:00:48.472Z","reported_by":null,"title":" Inefficient Regular Expression Complexity in chalk/ansi-regex","npm_advisory_id":null,"overview":"ansi-regex is vulnerable to Inefficient Regular Expression Complexity","url":"https://github.com/advisories/GHSA-93q8-gq69-wqmw"}}}