Contact Details
security-automation@local
This bug is related to UI or API?
UI
What happened?
npm audit reports a large number of vulnerable packages in the frontend dependency tree. The stack is still Vue 2 + Vue CLI 4 and includes multiple high-risk advisories.
Scan snapshot:
- total: 170
- critical: 15
- high: 42
- moderate: 93
- low: 20
Representative direct/high-risk packages:
- axios 0.18.0
- vxe-table 3.7.10
- xlsx 0.15.0
- vue-cli-service 4.x chain
Expected behavior:
- Create a phased frontend upgrade roadmap
- Prioritize direct dependencies with known exploitable advisories
- Add lockfile policy and CI audit threshold gates
Version
newest
What browsers are you seeing the problem on?
Chrome
Relevant log output
npm audit --json metadata:
critical=15 high=42 moderate=93 low=20 total=170
Contact Details
security-automation@local
This bug is related to UI or API?
UI
What happened?
npm auditreports a large number of vulnerable packages in the frontend dependency tree. The stack is still Vue 2 + Vue CLI 4 and includes multiple high-risk advisories.Scan snapshot:
Representative direct/high-risk packages:
Expected behavior:
Version
newest
What browsers are you seeing the problem on?
Chrome
Relevant log output