fontmin-webpack icon indicating copy to clipboard operation
fontmin-webpack copied to clipboard

Published 20 hours ago verified publisher icon patrickhulce

fontmin-webpack brings an insecure version of glob-parent

Open Rudloff opened this issue 2 years ago • 2 comments

[email protected] requires glob-parent@^3.1.0 via a transitive dependency on [email protected]

This version is vulnerable to https://github.com/advisories/GHSA-ww39-953v-wcq6.

Rudloff avatar Oct 16 '22 11:10 Rudloff

We are experiencing the same issue. Any chance to resolve this?

kosmeln avatar Dec 05 '22 15:12 kosmeln

Any updates here? This vulnerability is marked as "severe" and it has been month since this issue was posted. Did anybody find a workaround?

kosmeln avatar Feb 20 '23 19:02 kosmeln