Attack Navigator solution with vulnerable modules #685
Description
As a tool for security purposes logging above look very vulnerable for usage in production.
Am I doing something incorrect of is the solution using older vulnerable components?
Install is today on current Kali VM with node v20.19.2 and npm 9.2.0 after git clone of https://github.com/mitre-attack/attack-navigator.git
~/Documents/MITRE_Attack/navigator/nav-app]
└─$ npm install
npm WARN deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated [email protected]: This package is no longer supported. Please use @npmcli/package-json instead.
npm WARN deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated [email protected]: Glob versions prior to v9 are no longer supported
npm WARN deprecated [email protected]: This package is no longer supported.
npm WARN deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm WARN deprecated [email protected]: TSLint has been deprecated in favor of ESLint. Please see palantir/tslint#4534 for more information.
added 1233 packages, and audited 1234 packages in 22s
20 vulnerabilities (1 low, 14 moderate, 5 high)