Depends on vulnerable versions of Axios and Optimist

After installing in my node project, I got several vulnerability alerts from npm:

axios <=0.21.1
Severity: high
Incorrect Comparison in axios - https://github.com/advisories/GHSA-cph5-m8f7-6c5x
Server-Side Request Forgery in Axios - https://github.com/advisories/GHSA-4w2v-q235-vp99
Denial of Service in axios - https://github.com/advisories/GHSA-42xw-2xvc-qx8m
fix available via npm audit fix --force
Will install crawler-request@0.1.1, which is a breaking change
node_modules/crawler-request/node_modules/axios
  crawler-request >=1.1.3
  Depends on vulnerable versions of axios
  node_modules/crawler-request

and

minimist <0.2.1
Severity: moderate
Prototype Pollution in minimist - https://github.com/advisories/GHSA-vh95-rmgr-6w4m
fix available via npm audit fix
node_modules/optimist/node_modules/minimist
  optimist >=0.6.0
  Depends on vulnerable versions of minimist
  node_modules/optimist
    html-to-text 2.0.0 - 5.0.0
    Depends on vulnerable versions of optimist
    node_modules/html-to-text

I would suggest updating your dependency list.

Edited by Anthony Sgro