Vulnerability in express-bunyan-logger-1.3.3.tgz (Root Library) > useragent-2.3.0.tgz (Vulnerable Library). #59

PraveenkumarD2004 · 2022-03-11T08:50:46Z

Describe the bug:
We are getting vulnerability error in express-bunyan-logger-1.3.3 version.

Below is the dependency tree:
express-bunyan-logger-1.3.3.tgz (Root Library)
❌ useragent-2.3.0.tgz (Vulnerable Library)

Expected behavior:
The express-bunyan-logger-1.3.3 should not be having any dependency on vulnerable components.

Actual behavior:
The dependent package useragent-2.3.0.tgz refers to be vulnerable components, as per the author the "Fix Resolution: NorDroN.AngularTemplate - 0.1.6;dotnetng.template - 1.0.0.4;JetBrains.Rider.Frontend5 - 213.0.20211008.154703-eap03;MIDIator.WebClient - 1.0.105".

Thanks & Regards,
Praveen Kumar D.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability in express-bunyan-logger-1.3.3.tgz (Root Library) > useragent-2.3.0.tgz (Vulnerable Library). #59

Vulnerability in express-bunyan-logger-1.3.3.tgz (Root Library) > useragent-2.3.0.tgz (Vulnerable Library). #59

PraveenkumarD2004 commented Mar 11, 2022

Vulnerability in express-bunyan-logger-1.3.3.tgz (Root Library) > useragent-2.3.0.tgz (Vulnerable Library). #59

Vulnerability in express-bunyan-logger-1.3.3.tgz (Root Library) > useragent-2.3.0.tgz (Vulnerable Library). #59

Comments

PraveenkumarD2004 commented Mar 11, 2022