coolaj86
/
btoa.js
1
0
Fork 0
Código Issues 4 Pull requests 1 Versões Wiki Atividade

auditjs vulnerability warning #1

Nova issue
Aberto
2018-12-29 13:55:31 +00:00 abertas por Ghost · 0 comentários
Ghost comentou 2018-12-29 13:55:31 +00:00
Copiar link

Hello,

I use auditjs (https://www.npmjs.com/package/auditjs) in my CI build scripts.
This generates a vulnerability report for the package dependencies my project uses.
When the audit command is executed, it reports a warning.
My question is if btoa could be updated so that this audit warning could be eliminated.

Here is the output of auditjs:

------------------------------------------------------------
[565/1242] btoa 1.2.1  [VULNERABLE]   1 known vulnerabilities affecting installed version

CWE-125: Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

ID: e391a58d-4a81-448b-8ffc-e19016807d73
Details: https://ossindex.sonatype.org/vuln/e391a58d-4a81-448b-8ffc-e19016807d73
Dependency path: /extract-loader/btoa
------------------------------------------------------------
Hello, I use auditjs (https://www.npmjs.com/package/auditjs) in my CI build scripts. This generates a vulnerability report for the package dependencies my project uses. When the audit command is executed, it reports a warning. My question is if btoa could be updated so that this audit warning could be eliminated. Here is the output of auditjs: ``` ------------------------------------------------------------ [565/1242] btoa 1.2.1 [VULNERABLE] 1 known vulnerabilities affecting installed version CWE-125: Out-of-bounds Read The software reads data past the end, or before the beginning, of the intended buffer. ID: e391a58d-4a81-448b-8ffc-e19016807d73 Details: https://ossindex.sonatype.org/vuln/e391a58d-4a81-448b-8ffc-e19016807d73 Dependency path: /extract-loader/btoa ------------------------------------------------------------ ```
Acesse para participar desta conversação.
Nenhum branch/tag especificado
Branches Tags
master
v1.2.1
v1.2.0
v1.1.2
Etiquetas
Limpar etiquetas
Nenhum item
Sem etiqueta
Marco
Limpar marco
Nenhum item
Sem marco
Responsáveis
Limpar responsáveis
Sem responsável
1 participante(s)
Notificações
Data limite
A data limite é inválida ou está fora do intervalo. Por favor, use o formato 'dd/mm/aaaa'.

Data limite não informada.

Dependências

Nenhuma dependência definida.

Referência: coolaj86/btoa.js#1
Nenhuma descrição fornecida.
Excluir branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?