add package #10
15 new security issues (0 max.).
Here is an overview of what got changed by this pull request:
Issues
======
- Added 15
Annotations
Check warning on line 640 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L640
Insecure dependency npm/axios@0.21.1 (CVE-2021-3749: nodejs-axios: Regular expression denial of service in trim function) (update to 0.21.2)
Check warning on line 640 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L640
Insecure dependency npm/axios@0.21.1 (CVE-2023-45857: axios: exposure of confidential data stored in cookies) (update to 0.28.0)
Check warning on line 640 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L640
Insecure dependency npm/axios@0.21.1 (CVE-2025-27152: axios: Possible SSRF and Credential Leakage via Absolute URL in axios Requests) (update to 0.30.0)
Check warning on line 640 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L640
Insecure dependency npm/axios@0.21.1 (CVE-2025-58754: axios: Axios DoS via lack of data size check) (update to 0.30.2)
Check warning on line 681 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L681
Insecure dependency npm/body-parser@1.19.0 (CVE-2024-45590: body-parser: Denial of Service Vulnerability in body-parser) (update to 1.20.3)
Check notice on line 892 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L892
Insecure dependency npm/cookie@0.4.0 (CVE-2024-47764: cookie: cookie accepts cookie name, path, and domain with out of bounds characters) (update to 0.7.0)
Check warning on line 1329 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L1329
Insecure dependency npm/express@4.17.1 (CVE-2024-29041: express: cause malformed URLs to be evaluated) (update to 4.19.2)
Check notice on line 1329 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L1329
Insecure dependency npm/express@4.17.1 (CVE-2024-43796: express: Improper Input Handling in Express Redirects) (update to 4.20.0)
Check warning on line 2007 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2007
Insecure dependency npm/lodash@4.17.20 (CVE-2020-28500: nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions) (update to 4.17.21)
Check warning on line 2007 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2007
Insecure dependency npm/lodash@4.17.20 (CVE-2021-23337: nodejs-lodash: command injection via template) (update to 4.17.21)
Check warning on line 2347 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2347
Insecure dependency npm/path-to-regexp@0.1.7 (CVE-2024-45296: path-to-regexp: Backtracking regular expressions cause ReDoS) (update to 0.1.10)
Check warning on line 2347 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2347
Insecure dependency npm/path-to-regexp@0.1.7 (CVE-2024-52798: path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x) (update to 0.1.12)
Check warning on line 2407 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2407
Insecure dependency npm/qs@6.7.0 (CVE-2022-24999: express: "qs" prototype poisoning causes the hang of the node process) (update to 6.10.3)
Check notice on line 2588 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2588
Insecure dependency npm/send@0.17.1 (CVE-2024-43799: send: Code Execution Vulnerability in Send Library) (update to 0.19.0)
Check notice on line 2642 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L2642
Insecure dependency npm/serve-static@1.14.1 (CVE-2024-43800: serve-static: Improper Sanitization in serve-static) (update to 1.16.0)