Github warning: We found a potential security vulnerability in one of your dependencies #22

shivahr · 2018-05-14T02:37:14Z

Following is the information given in Github warning:

We found a potential security vulnerability in one of your dependencies.

A dependency defined in IonicMobileApp/package-lock.json has known security vulnerabilities and should be updated.

Dependencies defined in IonicMobileApp/package-lock.json 500
hapijs / hoek Known security vulnerability in 4.2.0

Known vulnerability found

CVE-2018-3728 Moderate severity
hoek node module before 5.0.3 or 4.2.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via...
package-lock.json update suggested:
hoek ~> 4.2.1
Always verify the validity and compatibility of suggestions with your codebase.

shivahr · 2018-05-14T02:38:00Z

Related issues:

shivahr · 2018-05-14T02:41:10Z

$ npm ls hoek
[email protected]
├─┬ @angular/[email protected]
│ └─┬ [email protected]
│   └─┬ [email protected]
│     └─┬ [email protected]
│       └─┬ [email protected]
│         ├─┬ [email protected]
│         │ └── [email protected]  deduped
│         ├── [email protected] 
│         └─┬ [email protected]
│           └── [email protected]  deduped
├─┬ @ionic/[email protected]
│ └─┬ [email protected]
│   └─┬ [email protected]
│     └─┬ [email protected]
│       ├─┬ [email protected]
│       │ └── [email protected]  deduped
│       ├─┬ [email protected]
│       │ └─┬ [email protected]
│       │   └── [email protected]  deduped
│       ├── [email protected] 
│       └─┬ [email protected]
│         └── [email protected]  deduped
└─┬ [email protected]
  └─┬ [email protected]
    └─┬ [email protected]
      ├─┬ [email protected]
      │ └── [email protected]  deduped
      ├── [email protected] 
      └─┬ [email protected]
        └── [email protected]  deduped

The vulnerable dependency [email protected] is through @ionic/[email protected]

CyberBLN · 2018-11-16T07:11:47Z

ionic-team/ionic-app-scripts#1493 will fix this

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Github warning: We found a potential security vulnerability in one of your dependencies #22

Github warning: We found a potential security vulnerability in one of your dependencies #22

shivahr commented May 14, 2018 •

edited

Loading

shivahr commented May 14, 2018 •

edited

Loading

shivahr commented May 14, 2018 •

edited

Loading

CyberBLN commented Nov 16, 2018

Github warning: We found a potential security vulnerability in one of your dependencies #22

Github warning: We found a potential security vulnerability in one of your dependencies #22

Comments

shivahr commented May 14, 2018 • edited Loading

shivahr commented May 14, 2018 • edited Loading

shivahr commented May 14, 2018 • edited Loading

CyberBLN commented Nov 16, 2018

shivahr commented May 14, 2018 •

edited

Loading

shivahr commented May 14, 2018 •

edited

Loading

shivahr commented May 14, 2018 •

edited

Loading