-
assigned issue to
concat-stream vulnerabilities not existing anymore
These vulnerabilities were not correctly reported by nodesecurity and are removed by them now.
However they are all still marked as vulnerable: https://www.versioneye.com/nodejs/concat-stream/1.5.0
This is long fixed. See for example: https://github.com/maxogden/concat-stream/issues/56
Comments (5)
-
-
- changed status to resolved
I just updated our database. Now version 1.6.0 and 1.5.2 are fixed.
-
-
Is this due to the fix? The web-interface is inconsistent and the PDF still shows the vulnerability.
-
Hi @farhanible. The information in the header contains the summed infos over all your files in the project. As far as I can see from the screenshot your project contains 2 files, the package.json and the yarn.lock file. In the screenshot you are viewing the package.json. I assume that the security vulnerability is in the yarn.lock file. You can either directly click on the "yarn.lock" file in the Files row or click on the "Summary" report.
- Log in to comment