danielgtaylor/aglio

Vulnerabilities! Even Critical!

andzejsw opened this issue · 2 comments

Critical: Sandbox Bypass Leading to Arbitrary Code Execution
Package: constantinople
Patched in: >=3.1.1
Dependency of: aglio [dev]
Path: aglio > aglio-theme-olio > jade > constantinople
More info: https://nodesecurity.io/advisories/568

Moderate: Prototype Pollution
Package: hoek
Patched in: > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of: aglio [dev]
Path: aglio > aglio-theme-olio > less > request > hawk > sntp > hoek
More info: https://nodesecurity.io/advisories/566

Moderate: Prototype Pollution
Package: hoek
Patched in: > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of: aglio [dev]
Path: aglio > aglio-theme-olio > less > request > hawk > hoek
More info: https://nodesecurity.io/advisories/566

Moderate: Prototype Pollution
Package: hoek
Patched in: > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of: aglio [dev]
Path: aglio > aglio-theme-olio > less > request > hawk > cryptiles > boom > hoek
More info: https://nodesecurity.io/advisories/566

etc.

See #358

See #358

Thanks!