vuepress-plugin-feed icon indicating copy to clipboard operation
vuepress-plugin-feed copied to clipboard

Published 20 hours ago verified publisher icon webmasterish

SNYK Security Vulnerablity: ReDoS

Open staghouse opened this issue 6 years ago • 2 comments

Description

snyk package reports vulnerability with remove-markdown dependency

See this issue

Expected Behavior

To not have a security issue

Actual Behavior

Has a security issue

Steps to Reproduce

Run snyk on a vuepress instance using this plugin

Your Environment

Description Value
vuepress-plugin-feed version 0.1.7
node version 12.8.0
npm version 6.10.2
OS OSX 10.14.5

staghouse avatar Aug 15 '19 02:08 staghouse

Thank you @staghouse for pointing it out.

Will have to wait for remove-markdown dependency to be updated, unless you have a ready solution. Do you?

webmasterish avatar Aug 16 '19 01:08 webmasterish

Currently no. Sorry

staghouse avatar Aug 16 '19 15:08 staghouse