python (65.2k questions)

javascript (44.3k questions)

reactjs (22.7k questions)

java (20.8k questions)

c# (17.4k questions)

html (16.3k questions)

r (13.7k questions)

android (13k questions)

Questions - npm-vulnerabilities

how to resolve cve CVE-2020-28052 json-schema for npm

By performing a dependency check using owasp 7.0.4 on my project, which uses java for BE and JS for BFE, i got ceveral CVEs noted over 8. One is the json-schema package used by npm. This the packages ...
test-img

Bratar

npm

package.json

cve

npm-vulnerabilities

Votes: 0

Answers: 1

Latest Answer

Problem solved by updating npm to 8.6.0
test-img

Bratar

Fixing NPM vulnerabilities

I am following a TypeScript tutorial. Unfortunately, the packages are outdated and I got a warning about vulnerabilities. I followed a bunch of suggestions from npm check and update package if needed...
test-img

Thomas Weller

node.js

dependencies

npm-audit

npm-vulnerabilities

dependency-tree

Votes: 0

Answers: 3

Latest Answer

As per the comments, I have already tried all commands for the general case, in which case you need to start analyzing individual packages. So, what did I do? Update all dependencies to the latest ve...
test-img

Thomas Weller

How to handle outdated packages that are required by a dependency in package-lock.json?

Let’s say I have a dependency some_dep that has a vulnerability. I’m told on GitHub “Upgrade some_dep to version 2.2.3 or later.” 

However, things get complicated when I see some_dep is a required de...
test-img

Dashiell Rose Bark-Huss

node.js

npm

package.json

dependency-management

npm-vulnerabilities

Votes: 0

Answers: 1

Latest Answer

I ended up updating the parent dependency, which I gave a pseudonym here of really_popular. I was putting it off because it was a big version change, and required other packages to be changed to a new...
test-img

Dashiell Rose Bark-Huss

how to solve moderate severity vulnerabilities in vs for npm install

=== npm audit security report === Manual Review Some vulnerabilities require your attention to resolve ...
test-img

DIVAN AFTAB

reactjs

visual-studio

npm-vulnerabilities

Votes: 0

Answers: 1

Latest Answer

Ok basically, it's very simple :) as far as I am concerned, I only have one moderate vulnerability. But solution should work for the both of them! I am going to explain as clear as possible with the n...
test-img

LoveriusB

Posts

Questions

Blogs

Jobs