Here is a vulnerability related to make-dir
package which is used in version 9.1.0
of cp-file
package.
At the moment the cpy-cli
package depends on vulnerable version of cpy
, since uses not the last version of that package.
The npm audit report gives the following output:
![image](https://private-user-images.githubusercontent.com/46902917/248500555-64919529-311e-4d2d-9225-ff154e8b922d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTk2ODcyNDgsIm5iZiI6MTcxOTY4Njk0OCwicGF0aCI6Ii80NjkwMjkxNy8yNDg1MDA1NTUtNjQ5MTk1MjktMzExZS00ZDJkLTkyMjUtZmYxNTRlOGI5MjJkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjI5VDE4NDkwOFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWZmMGU4NDFkODYyYzIyZmQ3ZGEyODE3NWQ5MmM4NzJiNjQ3ODAxODlmYWQ3NzdmOGRkMjdhNjcxOGViNmI4MGYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.efxtyrpKurbCJI_DCPxEhEe9PgJ9ktsHmohHev1nitU)
Thanks in advance.