When I run npm install
, I have a moderate vulnerability, how can I fix it?
1 moderate severity vulnerability
To address all issues, run:
npm audit fix
Run `npm audit` for details.
# npm audit report
axios 1.0.0 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via `npm audit fix`
node_modules/axios
1 moderate severity vulnerability
To address all issues, run:
npm audit fix
However, when I run npm audit fix
, I get a worse vulnerability:
# npm audit report
axios >=1.3.2
Severity: high
Server-Side Request Forgery in axios - https://github.com/advisories/GHSA-8hc4-vh64-cxmj
fix available via `npm audit fix`
node_modules/axios
1 high severity vulnerability
To address all issues, run:
npm audit fix
Would you mind helping me solve these Axios
vulnerabilities?
Thanks, @Adri. Now version 1.7.4 has been released, and the high vulnerability has been fixed.
I ran:
npm audit fix
And no vulnerabilities any longer!