refine icon indicating copy to clipboard operation
refine copied to clipboard

Published 20 hours ago verified publisher icon refinedev

[BUG] 3 high severity vulnerabilities

Open warden38202 opened this issue 1 year ago • 1 comments

Describe the bug

path-to-regexp 2.0.0 - 3.2.0 Severity: high path-to-regexp outputs backtracking regular expressions - https://github.com/advisories/GHSA-9wv6-86v2-598j No fix available node_modules/path-to-regexp @ant-design/pro-layout <=4.3.2 || 4.7.3 - 7.20.0 Depends on vulnerable versions of path-to-regexp node_modules/@ant-design/pro-layout @refinedev/antd * Depends on vulnerable versions of @ant-design/pro-layout node_modules/@refinedev/antd

3 high severity vulnerabilities

Some issues need review, and may require choosing a different dependency.

Steps To Reproduce

Install @refinedev/cli

Expected behavior

Installation uses a newer, more secure version.

Packages

"@ant-design/icons": "^5.0.1", "@refinedev/antd": "^5.37.4", "@refinedev/cli": "^2.16.21", "@refinedev/core": "^4.47.1", "@refinedev/devtools": "^1.1.32", "@refinedev/inferencer": "^4.6.4", "@refinedev/kbar": "^1.3.6", "@refinedev/react-router-v6": "^4.5.5", "@refinedev/supabase": "^5.7.4", "@uiw/react-md-editor": "^3.19.5", "antd": "^5.0.5", "dayjs": "^1.11.11", "react": "^18.0.0", "react-dom": "^18.0.0", "react-router-dom": "^6.8.1"

Additional Context

"overrides": { "ink-markdown": { "marked":"^4.0.10" }, }

warden38202 avatar Sep 23 '24 01:09 warden38202