Bump vite from 5.4.0 to 7.1.10 #4917
23 new security issues (0 max.).
Annotations
Check warning on line 4779 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L4779
Insecure dependency npm/@angular/[email protected] (CVE-2021-4231: angular: XSS vulnerability) (update to 10.2.5)
Check warning on line 18055 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L18055
Insecure dependency npm/@babel/[email protected] (CVE-2025-27789: Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups) (update to 7.26.10)
Check warning on line 18613 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L18613
Insecure dependency npm/[email protected] (CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function) (update to 3.0.5)
Check warning on line 18805 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L18805
Insecure dependency npm/[email protected] (CVE-2022-25883: nodejs-semver: Regular expression denial of service) (update to 7.5.2)
Check warning on line 23613 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L23613
Insecure dependency npm/[email protected] (CVE-2025-58754: axios: Axios DoS via lack of data size check) (update to 1.12.0)
Check notice on line 24783 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L24783
Insecure dependency npm/[email protected] (CVE-2025-5889: brace-expansion: juliangruber brace-expansion index.js expand redos) (update to 2.0.2)
Check failure on line 25769 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L25769
Insecure dependency npm/[email protected] (CVE-2025-9287: cipher-base: Cipher-base hash manipulation) (update to 1.0.5)
Check failure on line 28733 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L28733
Insecure dependency npm/[email protected] (GHSA-vjh7-7g9h-fjfh: Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)) (update to 6.6.1)
Check notice on line 39254 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L39254
Insecure dependency npm/[email protected] (CVE-2025-54798: tmp: tmp Symbolic Link Write Vulnerability) (update to 0.2.4)
Check notice on line 39459 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L39459
Insecure dependency npm/[email protected] (CVE-2025-57319: fast-redact: fast-redact prototype pollution) (no fix available)
Check warning on line 42888 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L42888
Insecure dependency npm/[email protected] (CVE-2022-25881: http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability) (update to 4.1.1)
Check warning on line 42951 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L42951
Insecure dependency npm/[email protected] (CVE-2025-32996: http-proxy-middleware: Always-Incorrect Control Flow Implementation in http-proxy-middleware) (update to 3.0.4)
Check warning on line 42951 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L42951
Insecure dependency npm/[email protected] (CVE-2025-32997: http-proxy-middleware: Improper Check for Unusual or Exceptional Conditions in http-proxy-middleware) (update to 3.0.5)
Check notice on line 44293 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L44293
Insecure dependency npm/[email protected] (CVE-2023-42282: nodejs-ip: arbitrary code execution via the isPublic() function) (update to 1.1.9)
Check warning on line 44293 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L44293
Insecure dependency npm/[email protected] (CVE-2024-29415: node-ip: Incomplete fix for CVE-2023-42282) (no fix available)
Check failure on line 53767 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L53767
Insecure dependency npm/[email protected] (CVE-2022-37614: mockery is vulnerable to prototype pollution) (no fix available)
Check warning on line 53818 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L53818
Insecure dependency npm/[email protected] (CVE-2022-24785: Moment.js: Path traversal in moment.locale) (update to 2.29.2)
Check warning on line 53818 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L53818
Insecure dependency npm/[email protected] (CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS) (update to 2.29.4)
Check warning on line 59538 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L59538
Insecure dependency npm/[email protected] (CVE-2020-7598: nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload) (update to 0.2.1)
Check failure on line 59538 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L59538
Insecure dependency npm/[email protected] (CVE-2021-44906: minimist: prototype pollution) (update to 0.2.4)
Check warning on line 65482 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L65482
Insecure dependency npm/[email protected] (CVE-2020-26301: nodejs-ssh2: Command injection by calling vulnerable method with untrusted input) (update to 1.4.0)
Check notice on line 70332 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L70332
Insecure dependency npm/[email protected] (NSWG-ECO-445: Out-of-bounds Read) (no fix available)
Check warning on line 71273 in package-lock.json
codacy-production / Codacy Static Code Analysis
package-lock.json#L71273
Insecure dependency npm/[email protected] (CVE-2024-6783: vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)) (update to 3.0.0)