Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
webpack-dev-server vulnerability
See original GitHub issueBug Report or Feature Request (mark with an x)
- [X] bug report -> please search issues before submitting
- [ ] feature request
Command (mark with an x)
- [ ] new
- [ ] build
- [ ] serve
- [ ] test
- [ ] e2e
- [ ] generate
- [ ] add
- [ ] update
- [ ] lint
- [ ] xi18n
- [ ] run
- [ ] config
- [ ] help
- [ ] version
- [ ] doc
- [X] dependencies
Versions
node: 10.14.2 npm: 6.4.1
Angular CLI: 7.1.4
Node: 10.14.2
OS: win32 x64
Angular: 7.1.4
@angular-devkit/architect 0.10.7
@angular-devkit/build-angular 0.11.4
@angular-devkit/build-optimizer 0.11.4
@angular-devkit/build-webpack 0.10.7
@angular-devkit/core 7.0.7
@angular-devkit/schematics 7.1.4
@ngtools/webpack 7.1.4
@schematics/angular 7.1.4
@schematics/update 0.11.4
rxjs 6.3.3
typescript 3.1.6
webpack 4.19.1
--
Repro steps
npm install
The log given by the failure
=== npm audit security report === Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Missing Origin Validation
Package webpack-dev-server
Patched in >=3.1.11
Dependency of @angular-devkit/build-angular [dev]
Path @angular-devkit/build-angular > webpack-dev-server
More info https://nodesecurity.io/advisories/725
found 1 high severity vulnerability in 78596 scanned packages
1 vulnerability requires manual review. See the full report for details.
--
Issue Analytics
- State:
- Created 5 years ago
- Reactions:75
- Comments:38 (8 by maintainers)
Top Results From Across the Web
webpack-dev-server - Snyk Vulnerability Database
version published direct vulnerabilities
4.11.1 19 Sep, 2022 0. C. 0. H. 0. M. 0. L
4.11.0 7 Sep, 2022 0. C. 0. H. 0....
Read more >A vulnerability found in webpack-dev-server #1445 - GitHub
Hi, I found a vulnerability in webpack-dev-server, how do I report it to you?
Read more >Webpack.js Webpack-dev-server : CVE security vulnerabilities ...
This page lists vulnerability statistics for all versions of Webpack.js Webpack-dev-server. Vulnerability statistics provide a quick overview for security ...
Read more >webpack-dev-server Vulnerability Data
The most accurate and complete database of public and private vulnerabilities. Source Code Scanner. Lightman Scanner. Identify vulnerabilities in your code.
Read more >webpack-dev-server vulnerabilities and exploits - Vulmon
webpack -dev-server vulnerabilities and exploits ... An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. Attackers are able to steal ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@angular/cli@7.2.1and@angular-devkit/build-angular@0.12.1are now released. Using these versions should remove the audit failure.Hi all, we’re looking at why this wasn’t included in the 7.2 release and will probably do a new release with it later today.