vue-loader icon indicating copy to clipboard operation
vue-loader copied to clipboard

Published 20 hours ago • verified publisher icon vuejs

bump loader-utils@^2.0.4

Open kjakub opened this issue 2 years ago • 1 comments

high │ loader-utils is vulnerable to Regular Expression Denial of │ │ │ Service (ReDoS) via url variable │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ loader-utils │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=2.0.4 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ vue-loader │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ vue-loader > loader-utils │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://www.npmjs.com/advisories/1084992

kjakub avatar Nov 17 '22 04:11 kjakub

@sodatea

kjakub avatar Nov 25 '22 05:11 kjakub