Closed
Description
Dependabot created a PR for this: #216
# npm audit report
vm2 *
Severity: critical
vm2 Sandbox Escape vulnerability - https://github.com/advisories/GHSA-cchq-frgv-rjh5
vm2 Sandbox Escape vulnerability - https://github.com/advisories/GHSA-g644-9gfx-q4q4
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/vm2
degenerator >=3.0.0
Depends on vulnerable versions of vm2
node_modules/degenerator
pac-resolver >=5.0.0
Depends on vulnerable versions of degenerator
node_modules/pac-resolver
pac-proxy-agent >=5.0.0
Depends on vulnerable versions of pac-resolver
node_modules/pac-proxy-agent
proxy-agent >=5.0.0
Depends on vulnerable versions of pac-proxy-agent
node_modules/proxy-agent
winston-cloudwatch >=3.1.0
Depends on vulnerable versions of proxy-agent
node_modules/winston-cloudwatch
Metadata
Metadata
Assignees
Labels
No labels