aegir@21.7.0 vulnerabilities

JavaScript project management

  • latest version

    45.0.8

  • latest non vulnerable version

  • first published

    8 years ago

  • latest version published

    9 days ago

  • licenses detected

    • >=2.0.0 <36.2.0
  • Direct Vulnerabilities

    Known vulnerabilities in the aegir package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Credential Exposure

    aegir is a JavaScript project management.

    Affected versions of this package are vulnerable to Credential Exposure. aegir publish and aegir build may leak secrets from environmental variables in the browser bundle published to npm.

    How to fix Credential Exposure?

    Upgrade aegir to version 21.10.1 or higher.

    >=21.7.0 <21.10.1