facebook
Critical Security Vulnerability in @babel/[email protected]
Describe the bug
[email protected] is using @babel/[email protected] which has a critical vulnerability and was reported by Synk.
Introduced through: [email protected] › @babel/[email protected] › @babel/[email protected] Introduced through: [email protected] › @babel/[email protected] › @babel/[email protected] › @babel/[email protected] Introduced through: [email protected] › [email protected] › @jest/[email protected] › [email protected] › @jest/[email protected] › [email protected] › [email protected] › @babel/[email protected]
The package @babel/[email protected] used in [email protected] has a critical security vulnerability reported by Synk. This vulnerability is introduced through multiple dependencies, including @babel/[email protected], @babel/[email protected], and indirectly through Jest dependencies ([email protected], @jest/[email protected], [email protected], @jest/[email protected], [email protected], [email protected]).
Vulnerability Details:
Vulnerable Package: @babel/traverse Vulnerable Version: 7.22.8 Affected Dependencies: [email protected] @babel/[email protected] @babel/[email protected] [email protected] @jest/[email protected] [email protected] @jest/[email protected] [email protected] [email protected]
Recommended Fix: Update the @babel/traverse package to the latest non-vulnerable version.
