# npm audit report

postcss  <8.5.10
Severity: moderate
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output - https://github.com/advisories/GHSA-qx2v-qp2m-jg93
fix available via `npm audit fix --force`
Will install next@9.3.3, which is a breaking change
node_modules/next/node_modules/postcss
  next  9.3.4-canary.0 - 16.3.0-canary.5
  Depends on vulnerable versions of postcss
  node_modules/next

uuid  <11.1.1
Severity: moderate
uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided - https://github.com/advisories/GHSA-w5hq-g745-h8pq
fix available via `npm audit fix --force`
Will install node-cron@4.2.1, which is a breaking change
node_modules/gaxios/node_modules/uuid
node_modules/google-gax/node_modules/uuid
node_modules/node-cron/node_modules/uuid
node_modules/teeny-request/node_modules/uuid
node_modules/uuid
  firebase-admin  7.0.0 - 8.2.0 || >=10.2.0
  Depends on vulnerable versions of @google-cloud/firestore
  Depends on vulnerable versions of @google-cloud/storage
  Depends on vulnerable versions of uuid
  node_modules/firebase-admin
  gaxios  6.4.0 - 6.7.1
  Depends on vulnerable versions of uuid
  node_modules/gaxios
  google-gax  4.0.5-experimental - 4.6.1
  Depends on vulnerable versions of retry-request
  Depends on vulnerable versions of uuid
  node_modules/google-gax
    @google-cloud/firestore  7.5.0-pre.0 || 7.6.0 - 7.11.6
    Depends on vulnerable versions of google-gax
    node_modules/@google-cloud/firestore
  node-cron  3.0.2 - 3.0.3
  Depends on vulnerable versions of uuid
  node_modules/node-cron
  teeny-request  3.9.1 - 9.0.0
  Depends on vulnerable versions of uuid
  node_modules/teeny-request
    @google-cloud/storage  2.2.0 - 2.5.0 || >=5.19.0
    Depends on vulnerable versions of retry-request
    Depends on vulnerable versions of teeny-request
    node_modules/@google-cloud/storage
    retry-request  7.0.0 - 7.0.2
    Depends on vulnerable versions of teeny-request
    node_modules/retry-request

11 moderate severity vulnerabilities

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force
