Vulnerabilities found (1 high, 1 critical)
kayvanbree opened this issue · 1 comments
kayvanbree commented
Just run npm audit
:
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Critical Command Injection
Package open
Patched in >0.0.5
Dependency of fontello-cli [dev]
Path fontello-cli > open
More info https://nodesecurity.io/advisories/663
High Arbitrary File Overwrite
Package fstream
Patched in >=1.0.12
Dependency of fontello-cli [dev]
Path fontello-cli > unzip > fstream
More info https://nodesecurity.io/advisories/886
found 2 vulnerabilities (1 high, 1 critical) in 81 scanned packages
2 vulnerabilities require manual review. See the full report for details.