imagemin-webpack-plugin icon indicating copy to clipboard operation
imagemin-webpack-plugin copied to clipboard

Published 20 hours ago verified publisher icon Klathmon

Dependency imagemin security vulnerability

Open kkmavr opened this issue 3 years ago • 0 comments

There is a vulnerability in the glob-parent library used. imagemin-webpack-plugin>imagemin 6.1.0 >globby 8.0.1 >fast-glob 2.0.2 >glob-parent 3.1.0

https://github.com/advisories/GHSA-ww39-953v-wcq6

Is there a change to update imagemin to v8.0.1 that ends up using glop-parent v5.1.2 which is the patched version?

kkmavr avatar Nov 04 '21 11:11 kkmavr