RYTRO
Prisma
Created by RYTRO on 8/12/2024 in #help-and-questions
Prisma Client did not initialize yet
Solved
2 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
Thanks for your help
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
Ok
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
tunnel-agent <0.6.0
Severity: moderate
Memory Exposure in tunnel-agent - https://github.com/advisories/GHSA-xc7v-wxcw-j472
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/tunnel-agent

15 vulnerabilities (6 moderate, 9 high)

To address all issues (including breaking changes), run:
npm audit fix --force
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
hawk <=9.0.0
Severity: high
Regular Expression Denial of Service in hawk - https://github.com/advisories/GHSA-jcpv-g9rr-qxrc
Uncontrolled Resource Consumption in Hawk - https://github.com/advisories/GHSA-44pw-h2cw-w3vq
Depends on vulnerable versions of boom
Depends on vulnerable versions of cryptiles
Depends on vulnerable versions of hoek
Depends on vulnerable versions of sntp
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/hawk

hoek *
Severity: high
Prototype Pollution in hoek - https://github.com/advisories/GHSA-jp4x-w63m-7wgm
hoek subject to prototype pollution via the clone function. - https://github.com/advisories/GHSA-c429-5p7v-vgjp
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/hoek
boom <=3.1.2
Depends on vulnerable versions of hoek
node_modules/boom
cryptiles <=2.0.5
Depends on vulnerable versions of boom
node_modules/cryptiles
sntp 0.0.0 || 0.1.1 - 2.0.0
Depends on vulnerable versions of hoek
node_modules/sntp

mime <1.4.1
Severity: high
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input - https://github.com/advisories/GHSA-wrvr-8mpx-r7pp
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/mime

qs <=6.2.3
Severity: high
Prototype Pollution Protection Bypass in qs - https://github.com/advisories/GHSA-gqgv-6jq5-jjj9
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/qs
node_modules/superagent/node_modules/qs
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
rywong@Rys-MacBook-Air nextjs_sample-main_2 % npm audit
# npm audit report

bl <1.2.3
Severity: moderate
Remote Memory Exposure in bl - https://github.com/advisories/GHSA-pp7h-53gx-mx7r
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/bl
request *
Depends on vulnerable versions of bl
Depends on vulnerable versions of hawk
Depends on vulnerable versions of qs
Depends on vulnerable versions of tunnel-agent
node_modules/request
follow *
Depends on vulnerable versions of request
node_modules/follow
clerk >=0.2.0
Depends on vulnerable versions of follow
Depends on vulnerable versions of superagent
node_modules/clerk

cookiejar <2.1.4
Severity: moderate
cookiejar Regular Expression Denial of Service via Cookie.parse function - https://github.com/advisories/GHSA-h452-7996-h45h
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/cookiejar
superagent <=3.6.3
Depends on vulnerable versions of cookiejar
Depends on vulnerable versions of extend
Depends on vulnerable versions of mime
Depends on vulnerable versions of qs
node_modules/superagent

extend 3.0.0 - 3.0.1
Severity: moderate
Prototype Pollution in extend - https://github.com/advisories/GHSA-qrmc-fj45-qfc2
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/extend
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
Nothing from gpt has seemed to work for me
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
Without --save-dev it's giving the same issue
18 replies
Prisma
Created by RYTRO on 6/7/2024 in #help-and-questions
Vulnerabilities That Won't Be Fixed
v20.14.0
18 replies