Files
carmanagement/docs/audit-production.txt
2026-06-11 01:43:25 -04:00

59 lines
2.1 KiB
Plaintext

# npm audit report
postcss <8.5.10
Severity: moderate
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output - https://github.com/advisories/GHSA-qx2v-qp2m-jg93
fix available via `npm audit fix --force`
Will install next@9.3.3, which is a breaking change
node_modules/next/node_modules/postcss
next 9.3.4-canary.0 - 16.3.0-canary.5
Depends on vulnerable versions of postcss
node_modules/next
uuid <11.1.1
Severity: moderate
uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided - https://github.com/advisories/GHSA-w5hq-g745-h8pq
fix available via `npm audit fix --force`
Will install node-cron@4.2.1, which is a breaking change
node_modules/gaxios/node_modules/uuid
node_modules/google-gax/node_modules/uuid
node_modules/node-cron/node_modules/uuid
node_modules/teeny-request/node_modules/uuid
node_modules/uuid
firebase-admin 7.0.0 - 8.2.0 || >=10.2.0
Depends on vulnerable versions of @google-cloud/firestore
Depends on vulnerable versions of @google-cloud/storage
Depends on vulnerable versions of uuid
node_modules/firebase-admin
gaxios 6.4.0 - 6.7.1
Depends on vulnerable versions of uuid
node_modules/gaxios
google-gax 4.0.5-experimental - 4.6.1
Depends on vulnerable versions of retry-request
Depends on vulnerable versions of uuid
node_modules/google-gax
@google-cloud/firestore 7.5.0-pre.0 || 7.6.0 - 7.11.6
Depends on vulnerable versions of google-gax
node_modules/@google-cloud/firestore
node-cron 3.0.2 - 3.0.3
Depends on vulnerable versions of uuid
node_modules/node-cron
teeny-request 3.9.1 - 9.0.0
Depends on vulnerable versions of uuid
node_modules/teeny-request
@google-cloud/storage 2.2.0 - 2.5.0 || >=5.19.0
Depends on vulnerable versions of retry-request
Depends on vulnerable versions of teeny-request
node_modules/@google-cloud/storage
retry-request 7.0.0 - 7.0.2
Depends on vulnerable versions of teeny-request
node_modules/retry-request
11 moderate severity vulnerabilities
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force