Serverless-offline security vulnerabilities

lambda

#1

installing serverless-offline generate security vulnerability.

found 4 high severity vulnerabilities in 20279 scanned packages
4 vulnerabilities require manual review. See the full report for details.

the reason is:
serverless-offline -> includes hapi v. 14.2.0 which in results includes cryptiles with version < 4.1.2
which generates this problem.
Any work around it?

Thank you,

Oleg


#2

The plugin’s github repo is the best place to look for support. It seems like someone has already reported it.