aegir@21.10.0 vulnerabilities

JavaScript project management

Direct Vulnerabilities

Known vulnerabilities in the aegir package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Credential Exposure

aegir is a JavaScript project management.

Affected versions of this package are vulnerable to Credential Exposure. aegir publish and aegir build may leak secrets from environmental variables in the browser bundle published to npm.

How to fix Credential Exposure?

Upgrade aegir to version 21.10.1 or higher.

>=21.7.0 <21.10.1