package-lock.json
jsrsasign <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
fabric-ca-client *
Depends on vulnerable versions of fabric-common
Depends on vulnerable versions of jsrsasign
node_modules/fabric-ca-client
fabric-common >=2.1.1-snapshot.390
Depends on vulnerable versions of jsrsasign
client/package-lock.json
jsrsasign <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
fabric-ca-client *
Depends on vulnerable versions of fabric-common
Depends on vulnerable versions of jsrsasign
node_modules/fabric-ca-client
fabric-common >=2.1.1-snapshot.390
Depends on vulnerable versions of jsrsasign
node_modules/fabric-common
fabric-network >=1.4.19-snapshot.1
Depends on vulnerable versions of fabric-common
node_modules/fabric-network
4 critical severity vulnerabilities
jsrsasign <10.2.0
Severity: critical
RSA signature validation vulnerability - https://npmjs.com/advisories/1672
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/jsrsasign
fabric-ca-client *
Depends on vulnerable versions of fabric-common
Depends on vulnerable versions of jsrsasign
node_modules/fabric-ca-client
fabric-common >=2.1.1-snapshot.390
Depends on vulnerable versions of jsrsasign
node_modules/fabric-common
fabric-network >=1.4.19-snapshot.1
Depends on vulnerable versions of fabric-common
node_modules/fabric-network
4 critical severity vulnerabilities
None
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low │ Prototype Pollution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-scripts │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ react-scripts > webpack-dev-server > yargs > yargs-parser │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1500 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 2141 scanned packages
1 vulnerability requires manual review. See the full report for details.
Correct release tag from V1.0.0
to v1.0.0