profoundhub/ng-auth-2018

Known Vulnerability Found

Opened this issue · 3 comments

profoundhub commented

Known vulnerability found
CVE-2018-3728
Moderate severity
hoek node module before 5.0.3 or 4.2.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via...

package-lock.json update suggested:
hoek ~> 4.2.1
Always verify the validity and compatibility of suggestions with your codebase.

profoundhub commented

npm i hoek

profoundhub commented 

    "hoek": {
      "version": "4.2.1",
      "resolved": "https://registry.npmjs.org/hoek/-/hoek-2.16.3.tgz",
      "integrity": "sha1-ILt0A9POo5jpHcRxCo/xuCdKJe0=",
      "dev": true
    },
profoundhub commented 
...
+ hoek@5.0.3
added 3 packages and updated 1 package in 11.496s