High severity security vulnerability in dependencies
Ivan-Strahovsky opened this issue · 0 comments
Ivan-Strahovsky commented
Severity - High, Prototype Pollution
Package: dot-prop
Patched in: >=5.1.1
Path: node-minify > update-notifier > configstore > dot-prop
More info: https://npmjs.com/advisories/1213
High │ Code Injection
Package │ js-yaml
Patched in │ >=3.13.1
Path │ node-minify > crass > svgo > js-yaml
More info │ https://npmjs.com/advisories/813
High │ Prototype Pollution
Package │ lodash
Path │ node-minify > babel-core > lodash
More info │ https://npmjs.com/advisories/1065
Please update dependencies to version with fixes. Thank you.