Relatively new CVE's posted to GH's advisory board, and being reported in the audit hook.
╔══════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════════╗
║ === npm audit security report === ║
║ ║
║ ID │ Module │ Title │ Paths │ Sev. │ URL │ Ex. ║
║ 1098681 │ micromatch │ Regular Expression Denial of Service (ReDoS) in │ micromatch │ moderate │ https://github.com/advisories/GHSA-952p-6rrq-rcjv │ n ║
║ │ │ micromatch │ │ │ │ ║
║ 1099690 │ vite │ Vite DOM Clobbering gadget found in vite bundled │ @types/vite-plugin-react-svg>vite │ moderate │ https://github.com/advisories/GHSA-64vr-g452-qvp3 │ n ║
║ │ │ scripts that leads to XSS │ vite │ │ │ ║
║ 1099692 │ vite │ Vite DOM Clobbering gadget found in vite bundled │ @types/vite-plugin-react-svg>vite │ moderate │ https://github.com/advisories/GHSA-64vr-g452-qvp3 │ n ║
║ │ │ scripts that leads to XSS │ vite │ │ │ ║
║ 1099695 │ vite │ Vite's `server.fs.deny` is bypassed when using │ @types/vite-plugin-react-svg>vite │ moderate │ https://github.com/advisories/GHSA-9cwx-2883-4wfx │ n ║
║ │ │ `?import&raw` │ vite │ │ │ ║
║ 1099697 │ vite │ Vite's `server.fs.deny` is bypassed when using │ @types/vite-plugin-react-svg>vite │ moderate │ https://github.com/advisories/GHSA-9cwx-2883-4wfx │ n ║
║ │ │ `?import&raw` │ vite │ │ │ ║
╚═════════╧════════════╧════════════════════════════════════════════════════╧═════════════════════════════════════════╧══════════╧═══════════════════════════════════════════════════╧═════╝
Relatively new CVE's posted to GH's advisory board, and being reported in the audit hook.
Resolution:
Fix the CVE's