After npm install i got 5 high severity vulnerabilities

Question

After npm install i got 5 high severity vulnerabilities

tonprince opened this issue 3 years ago · 2 comments

css-what  <5.0.1
Severity: high
Denial of Service - https://npmjs.com/advisories/1754
fix available via `npm audit fix --force`
Will install mailgen@1.0.2, which is a breaking change
node_modules/css-what
  css-select  <=3.1.2
  Depends on vulnerable versions of css-what
  node_modules/css-select
    cheerio  0.19.0 - 1.0.0-rc.3
    Depends on vulnerable versions of css-select
    node_modules/cheerio
      juice  1.3.4 - 6.0.0
      Depends on vulnerable versions of cheerio
      node_modules/juice
        mailgen  >=1.0.3
        Depends on vulnerable versions of juice
        node_modules/mailgen

5 high severity vulnerabilities

Answer 1 · 2021-06-21T20:47:36.000Z

Hi @tonprince,
Thanks for your report. Would you like to submit a PR that upgrades the vulnerable dependencies?

Answer 2 · 2021-06-24T14:38:51.000Z

I already found another way, thanks.