Depends on vulnerable versions of cookieΒ #159
Description
Hello
A vulnerability is detected with the dependency cookie.
A patch version of cookie exists.
cookie <0.7.0
cookie accepts cookie name, path, and domain with out of bounds characters - https://github.com/advisories/GHSA-pxg6-pf52-xh8x
No fix available
node_modules/cookie
cookie-universal *
Depends on vulnerable versions of cookie
node_modules/cookie-universal
elliptic *
Valid ECDSA signatures erroneously rejected in Elliptic - https://github.com/advisories/GHSA-fc9h-whq2-v747
fix available via `npm audit fix`
node_modules/elliptic
secp256k1 >=2.0.0
Depends on vulnerable versions of elliptic
node_modules/secp256k1Regards