You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
this package is depending on an outdated jimp version, that in turn is depending on a vulnerable version of phin.
npm audit gives the following output:
phin <3.7.1
Severity: moderate
phin may include sensitive headers in subsequent requests after redirect - https://github.com/advisories/GHSA-x565-32qp-m3vf
No fix available
node_modules/phin
@jimp/core <=0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
Depends on vulnerable versions of phin
node_modules/@jimp/custom/node_modules/@jimp/core
@jimp/custom <=0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
Depends on vulnerable versions of @jimp/core
node_modules/@jimp/custom
jimp 0.3.6-alpha.5 - 0.21.4--canary.1163.d07ed6254d130e2995d24101e93427ec091016e6.0
Depends on vulnerable versions of @jimp/custom
node_modules/iconsur/node_modules/jimp
iconsur *
Depends on vulnerable versions of jimp
node_modules/iconsur
Easiest way to fix: bump the jimp version to an up-to-date one.
The text was updated successfully, but these errors were encountered:
Hi,
this package is depending on an outdated
jimpversion, that in turn is depending on a vulnerable version ofphin.npm audit gives the following output:
Easiest way to fix: bump the jimp version to an up-to-date one.
The text was updated successfully, but these errors were encountered: