Comments (4)
nrydevopswatch
commented on June 20, 2024
Here is the output from a scan using Snyk:
Tested 1870 dependencies for known issues, found 19 issues, 21 vulnerable paths.
Issues with no direct upgrade or patch:
✗ Arbitrary File Write via Archive Extraction (Zip Slip) [Medium Severity][https://snyk.io/vuln/SNYK-JS-DECOMPRESS-557358] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected]
No upgrade or patch available
✗ Arbitrary File Write via Archive Extraction (Zip Slip) [Medium Severity][https://snyk.io/vuln/SNYK-JS-DECOMPRESSTAR-559095] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected] and 2 other path(s)
No upgrade or patch available
✗ Prototype Pollution [Medium Severity][https://snyk.io/vuln/SNYK-JS-DOTPROP-543489] in [email protected]
introduced by [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
This issue was fixed in versions: 5.1.1
✗ Use After Free [High Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-535497] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-Bounds [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-535498] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ NULL Pointer Dereference [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-535502] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-bounds Read [High Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540956] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-bounds Read [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540958] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Uncontrolled Recursion [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540964] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ NULL Pointer Dereference [High Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540974] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Denial of Service (DoS) [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540978] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Denial of Service (DoS) [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540980] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-bounds Read [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540990] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ NULL Pointer Dereference [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540992] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ NULL Pointer Dereference [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540994] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-bounds Read [High Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540996] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-Bounds [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-540998] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Use After Free [High Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-541000] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
✗ Out-of-bounds Read [Medium Severity][https://snyk.io/vuln/SNYK-JS-NODESASS-541002] in [email protected]
introduced by [email protected] > [email protected]
No upgrade or patch available
Organization: nrydevopswatch
Package manager: npm
Target file: package-lock.json
Project name: blackbird-scanner
Open source: no
Project path: /home/rbruscoe/dev/blackbird-scanner
Licenses: enabled
Run snyk wizard to address these issues.
from rekit.
supnate
commented on June 20, 2024
Hello, are you using rekit 2.x? For 3.x rekit-core is no longer a dependency of the projects.
from rekit.
nrydevopswatch
commented on June 20, 2024
I'm using Rekit 3.0.0 and I followed the instructions to build it on your README.md for a new project.
from rekit.
nrydevopswatch
commented on June 20, 2024
I just removed Rekit-Core 3.0.0 from the 'package.json'; deleted the 'package-lock.json' and the 'node_modules' folder. Then I did a fresh 'npm install' and tried to then do 'npm start' but it failed with several errors saying it could not find the 'rekit-core' dependency.
from rekit.
Related Issues (20)
- rekit-studio can't launch success
- Memory leak when running Jest tests due to nock not restoring https global HOT 2
- Cannot create app at first time
- Cant open rekit studio HOT 8
- Unable to create actions with redux-saga plugin HOT 3
- Templates in rekit 3? HOT 6
- 王老师好,为什么脚手架中的package.json不区分dependencies与devDependencies HOT 1
- rekit edit mode with vim HOT 1
- functional component generated tests does not wotk
- Build errors during global package install on Windows HOT 1
- Failed to load project data Request failed with status code 500 HOT 2
- npm install rekit-studio error HOT 1
- Win10 can not create first app
- testcase issue Cannot use import statement outside a module
- Update path? HOT 6
- Create an action for a class component through rekit3.0? HOT 6
- rekit create-plugin <plugin-name> rekit: error: argument "commandName": Invalid choice: create-plugin (choose from [create, list, install, uninstall, add, remove, rm, move, mv])
- Whether to consider supporting HashedModuleIdsPlugin by default HOT 1
- 通过rekit 初始化创建app,npm test报错
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rekit.