ng-packagr@9.0.0-rc.5

Vulnerabilities

1 via 1 paths

Dependencies

228

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Command Injection

  • Vulnerable module: ng-packagr
  • Introduced through: ng-packagr@9.0.0-rc.5

Detailed paths

  • Introduced through: ng-packagr@9.0.0-rc.5
    Remediation: Upgrade to ng-packagr@10.1.1.

Overview

ng-packagr is a Compile and package a TypeScript library to Angular Package Format

Affected versions of this package are vulnerable to Command Injection via the styleIncludePaths option.

Remediation

Upgrade ng-packagr to version 10.1.1 or higher.

References