发表新帖
发表新帖

How to fix NPM package Tar, with high vulnerability about Arbitrary File Overwrite, when package is up to date?

后端 未结
关注
4 1615
眼角桃花
眼角桃花 2021-02-01 14:19

I just installed Flickity from NPM and got an NPM Audit Security Report after running npm audit stating that I have a high vulnerability issue regarding Arbitra

4条回答
  • 盖世英雄少女心
    盖世英雄少女心 (楼主)
    2021-02-01 14:56

    In your package-lock.jason update tar for node to below (v 4.4.8):

    "version": "4.4.8", "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.8.tgz"

    0 讨论(0)
 看不清?
提交回复
热议问题