High severity vounerability in NPM audit
Willburn opened this issue · 0 comments
It seems the version of axios in ergo-ts has a Server-Side Request Forgery according to the NPM audit. Is this possible to fix with adding axios v0.21 ?
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Server-Side Request Forgery │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=0.21.1 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @coinbarn/ergo-ts │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @coinbarn/ergo-ts > axios │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1594 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 high severity vulnerability in 1968 scanned packages
1 vulnerability requires manual review. See the full report for details.