I worked on the project Free Online Office, a collaborative online office based on LibreOffice technology, to solve vulnerabilities of the used JavaScript packages. I updated all used JavaScript packages to new versions. The command ’npm audit‘ reports no vulnerabilities now.
This is a big difference to the starting point, where there was and is the following report:
57 vulnerabilities (1 low, 20 moderate, 34 high, 2 critical)
I’ll create a new Docker image from the updated source code and publish it on the Docker hub during the next days. You can get it from there with:
docker pull freeonlineoffice/online:nightly