Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Vulnerability in cached-path-relative dependency

See original GitHub issue

cached-path-relative vulnerability found in package-lock.json 6 hours ago by GitHub

Remediation Upgrade cached-path-relative to version 1.0.2 or later.

Issue Analytics

State:
Created 5 years ago
Reactions:1
Comments:7 (4 by maintainers)

Top GitHub Comments

2reactions

goto-bus-stopcommented, Nov 8, 2018

yea if you do npm un browserify && npm install browserify you should get all the latest stuff.

0reactions

mkozjakcommented, Nov 8, 2018

Thanks, guys!

Top Results From Across the Web

cached-path-relative - Snyk Vulnerability Database

Learn more about known vulnerabilities in the cached-path-relative package. Memoize the results of the path.relative function.

Dependency vulnerabilities cached-path-relative, shell-quote

Snyk is complaining about vulnerabilities in the following dependencies: cached-path-relative from 1.0.2 shell-quote@1.7.2.

cached-path-relative - npm

Memoize the results of the path.relative function. ... Start using cached-path-relative in your project by running `npm i ...

Debian DLA-3221-1 : node-cached-path-relative - Tenable

The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as {} instead of ...

NVD - Results - National Institute of Standards and Technology

*Note:* This vulnerability derives from an incomplete fix in ... The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the ...