firebase causing severe vulnarabilities #7494
Unanswered
SAJUSAJADH
asked this question in
Q&A
Replies: 1 comment
-
|
I'm just curious if any of the firebase devs can explain why they're getting flagged as vulnerable. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
npm audit report
protobufjs 6.10.0 - 7.2.3
Severity: high
protobufjs Prototype Pollution vulnerability - GHSA-h755-8qp9-cq85
fix available via
npm audit fix --forceWill install [email protected], which is a breaking change
node_modules/protobufjs
@grpc/proto-loader 0.6.0-pre1 - 0.6.13
Depends on vulnerable versions of protobufjs
node_modules/@grpc/proto-loader
@firebase/firestore <=0.0.900-exp.f43d0c698 || 2.3.7-202151602035 - 2.3.7-canary.f6e1645ef || >=2.3.8-20216122160
Depends on vulnerable versions of @grpc/proto-loader
node_modules/@firebase/firestore
@firebase/firestore-compat *
Depends on vulnerable versions of @firebase/firestore
node_modules/@firebase/firestore-compat
firebase 0.900.22 || 7.9.1-0 - 7.9.1-canary.0396117e || 8.6.8-202151602035 - 8.6.8-canary.f6e1645ef || >=8.7.0-20216122160
Depends on vulnerable versions of @firebase/firestore
Depends on vulnerable versions of @firebase/firestore-compat
node_modules/firebase
5 high severity vulnerabilities
Beta Was this translation helpful? Give feedback.
All reactions