nsp fails notifme-sdk due to https://nodesecurity.io/advisories/566
TomSpeed opened this issue · comments
(+) 1 vulnerability found
Prototype pollution attack
Name: hoek
CVSS: 4 (Medium)
Installed: 2.16.3
Vulnerable: <= 4.2.0 || >= 5.0.0 < 5.0.3
Patched: > 4.2.0 < 5.0.0 || >= 5.0.3
Path: notifme-sdk@1.6.0 > node-pushnotifications@1.0.18 > node-gcm@0.14.10 > request@2.81.0 > hawk@3.1.3 > hoek@2.16.3
More Info: https://nodesecurity.io/advisories/566