webpack-dev-server icon indicating copy to clipboard operation
webpack-dev-server copied to clipboard

Published 20 hours ago verified publisher icon webpack

CVE-2024-47764 (GHSA-pxg6-pf52-xh8x) - versions < 0.7.0 of cookie have a low severity vulnerability

Open createdbysk opened this issue 1 year ago • 0 comments

Per CVE-2024-47764 (https://github.com/advisories/GHSA-pxg6-pf52-xh8x), versions < 0.7.0 of cookie have a low severity vulnerability.

webpack-dev-server's depends on cookie 0.6.0 via express 4.21.0. express 4.21.1 addresses this issue.

Upgrade webpack-dev-server's dependency on express to express 4.21.1.

  • [ ] This is a bug
  • [x] This is a modification request

Code

// webpack.config.js

// additional code, remove if not needed.

Please paste the results of npx webpack-cli info here, and mention other relevant information

Expected Behavior

Actual Behavior

For Bugs; How can we reproduce the behavior?

For Features; What is the motivation and/or use-case for the feature?

createdbysk avatar Oct 20 '24 11:10 createdbysk