static-eval icon indicating copy to clipboard operation
static-eval copied to clipboard

Published 20 hours ago verified publisher icon browserify

CVE in word-wrap

Open SymbioticKilla opened this issue 2 years ago • 1 comments

Hi @goto-bus-stop ,

there is a CVE in word-wrap: https://github.com/jonschlinkert/word-wrap/pull/33 It is fixed and integrated in latest optionator 0.9.x, which is used in escodegen 2.x. Is there any chance to update escodegen to 2.x? Thanks!

[email protected] │ └─┬ [email protected] │ └── [email protected]

Optionator team will not merge the fix to 0.8.x: https://github.com/gkz/optionator/pull/46

SymbioticKilla avatar Jun 30 '23 13:06 SymbioticKilla

I just opened https://github.com/browserify/static-eval/pull/43 for this.

FabianWarnecke avatar Jul 10 '23 07:07 FabianWarnecke