HackMD - Collaborative Markdown Knowledge Base

C:\SourceCode\quasar\docs>antivuln -t Checking \yarn.lock dependencies. Checking \node_modules\@quasar\babel-preset-app\yarn.lock dependencies. Checking \node_modules\autocomplete.js\yarn.lock dependencies. Checking \node_modules\browserify-zlib\yarn.lock dependencies. Checking \node_modules\combined-stream\yarn.lock dependencies. Checking \node_modules\eventsource\yarn.lock dependencies. Checking \node_modules\form-data\yarn.lock dependencies. Checking \node_modules\postcss-discard-overridden\yarn.lock dependencies. Checking \node_modules\pug-plain-loader\yarn.lock dependencies. Checking \node_modules\register-service-worker\yarn.lock dependencies. Checking \node_modules\tiny-emitter\yarn.lock dependencies. Checking \node_modules\uri-js\yarn.lock dependencies. Checking \node_modules\vue-style-loader\yarn.lock dependencies. Checking \node_modules\babel-runtime\package-lock.json dependencies. Checking \node_modules\babel-types\package-lock.json dependencies. Security Alert: [moderate] [brace-expansion] [Update to version 1.1.7 or later.] [https://npmjs.com/advisories/338] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [low] [braces] [Upgrade to version 2.3.1 or higher.] [https://npmjs.com/advisories/786] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [concat-stream] [Update to version 1.5.2, 1.4.11, 1.3.2 or later. If you are unable to update make sure user provided input into the `write()` function is not a number.] [https://npmjs.com/advisories/597] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [low] [debug] [Version 2.x.x: Update to version 2.6.9 or later. Version 3.x.x: Update to version 3.1.0 or later. ] [https://npmjs.com/advisories/534] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [low] [deep-extend] [Update to version 0.5.1 or later.] [https://npmjs.com/advisories/612] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [forwarded] [Update to version 0.1.2 or later] [https://npmjs.com/advisories/527] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [fresh] [Update to version 0.5.2 or later.] [https://npmjs.com/advisories/526] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [fstream] [Upgrade to version 1.0.12 or later.] [https://npmjs.com/advisories/886] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [critical] [growl] [Update to version 1.10.2 or later.] [https://npmjs.com/advisories/146] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [handlebars] [For handlebars 4.1.x upgrade to 4.1.2 or later. For handlebars 4.0.x upgrade to 4.0.14 or later.] [https://npmjs.com/advisories/755] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [hawk] [Update to hawk version 4.1.1 or later.] [https://npmjs.com/advisories/77] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [hoek] [Update to version 4.2.1, 5.0.3 or later.] [https://npmjs.com/advisories/566] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [jquery] [Upgrade to version 3.4.0 or later.] [https://npmjs.com/advisories/796] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [js-yaml] [Upgrade to version 3.13.1.] [https://npmjs.com/advisories/813] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [js-yaml] [Upgrade to version 3.13.0.] [https://npmjs.com/advisories/788] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [lodash] [Update to version 4.17.11 or later.] [https://npmjs.com/advisories/782] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [low] [lodash] [Update to version 4.17.5 or later.] [https://npmjs.com/advisories/577] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [marked] [Update to version 0.3.9 or later.] [https://npmjs.com/advisories/531] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [mime] [Update to version 2.0.3 or later.] [https://npmjs.com/advisories/535] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [minimatch] [Update to version 3.0.2 or later.] [https://npmjs.com/advisories/118] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [morgan] [Update to version 1.9.1 or later.] [https://npmjs.com/advisories/736] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [ms] [Update to version 0.7.1 or later. Alternatively, apply a reasonable length limit to parsed version strings.] [https://npmjs.com/advisories/46] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [critical] [open] [`open` is now the deprecated `opn` package. Upgrading to the latest version is likely have unwanted effects since it now has a very different API but will prevent this vulnerability.] [https://npmjs.com/advisories/663] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [parsejson] [The `parsejson` package has not been functionally updated since it was initially released. Additionally, it provides functionality which is natively included in Node.js, and therefore the native `JSON.parse()` should be used, for both performance and security reasons.] [https://npmjs.com/advisories/528] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [qs] [Update to version 1.0.0 or later.] [https://npmjs.com/advisories/29] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [low] [randomatic] [Update to version 3.0.0 or later. ] [https://npmjs.com/advisories/157] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [request] [Update to version 2.68.0 or later ] [https://npmjs.com/advisories/309] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [sshpk] [Update to version 1.13.2, 1.14.1 or later.] [https://npmjs.com/advisories/606] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [stringstream] [No fix is currently available for this vulnerability. It is our recommendation to not install or use this module if user input is being passed in to `stringstream`. ] [https://npmjs.com/advisories/664] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [tar] [For tar 4.x, upgrade to version 4.4.2 or later. For tar 2.x, upgrade to version 2.2.2 or later.] [https://npmjs.com/advisories/803] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [tough-cookie] [Update to version 2.3.3 or later.] [https://npmjs.com/advisories/525] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [tunnel-agent] [Update to version 0.6.0 or later.] [https://npmjs.com/advisories/598] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [moderate] [underscore.string] [Upgrade to version 3.3.5 or higher.] [https://npmjs.com/advisories/745] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [url-parse] [Update to version 1.4.3 or later.] [https://npmjs.com/advisories/678] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [useragent] [Update to version 2.1.13 or later.] [https://npmjs.com/advisories/312] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [webpack-dev-server] [For `webpack-dev-server` 2.x update to version 2.11.4 or later. For `webpack-dev-server` 3.x update to version 3.1.11 or later.] [https://npmjs.com/advisories/725] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [ws] [Update to version 3.3.1 or later.] [https://npmjs.com/advisories/550] LockFile: C:\SourceCode\quasar\docs\node_modules\autocomplete.js\yarn.lock Security Alert: [high] [cached-path-relative] [Update to version 1.0.2 or later.] [https://npmjs.com/advisories/739] LockFile: C:\SourceCode\quasar\docs\node_modules\browserify-zlib\yarn.lock Security Alert: [moderate] [static-eval] [Upgrade to version 2.0.2 or later.] [https://npmjs.com/advisories/758] LockFile: C:\SourceCode\quasar\docs\node_modules\browserify-zlib\yarn.lock Security Alert: [moderate] [static-eval] [Update to version 2.0.0 or later.] [https://npmjs.com/advisories/548] LockFile: C:\SourceCode\quasar\docs\node_modules\browserify-zlib\yarn.lock Security Alert: [high] [cryptiles] [Update to version 3.1.3 or 4.1.2 or later.] [https://npmjs.com/advisories/720] LockFile: C:\SourceCode\quasar\docs\node_modules\form-data\yarn.lock Security Alert: [high] [ecstatic] [If using `ecstatic` 4.x, upgrade to 4.1.2 or later. If using `ecstatic` 3.x, upgrade to 3.3.2 or later. If using `ecstatic` 2.x, upgrade to 2.2.2 or later.] [https://npmjs.com/advisories/830] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [moderate] [ecstatic] [Update to version 2.0.0 or later.] [https://npmjs.com/advisories/553] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [high] [ecstatic] [Update to version 1.4.0 or later.] [https://npmjs.com/advisories/64] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [low] [merge] [Update to version 1.2.1 or later.] [https://npmjs.com/advisories/722] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [critical] [shell-quote] [Update to version 1.6.1 or later.] [https://npmjs.com/advisories/117] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [low] [uglify-js] [Update to version 2.6.0 or later.] [https://npmjs.com/advisories/48] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock Security Alert: [low] [uglify-js] [Upgrade UglifyJS to version >= 2.4.24.] [https://npmjs.com/advisories/39] LockFile: C:\SourceCode\quasar\docs\node_modules\tiny-emitter\yarn.lock