Remediation
Upgrade minimist to version 1.2.2 or later. For example:
minimist@^1.2.2:
version "1.2.2"
Always verify the validity and compatibility of suggestions with your codebase.
Details
GHSA-7fhm-mqm4-2wp7
moderate severity
Vulnerable versions: < 1.2.2
Patched version: 1.2.2
There are high severity security vulnerabilities in two of ESLints dependencies:
acorn
minimist
The releases 1.8.3 and lower of svjsl (JSLib-npm) are vulnerable, but only if installed in a developer environment. A patch has been released (v1.8.4) which fixes these vulnerabilities.
Identifiers:
CVE-2020-7598
SNYK-JS-ACORN-559469 (does not have a CVE identifier)
Remediation Upgrade minimist to version 1.2.2 or later. For example:
minimist@^1.2.2: version "1.2.2" Always verify the validity and compatibility of suggestions with your codebase.
Details GHSA-7fhm-mqm4-2wp7 moderate severity Vulnerable versions: < 1.2.2 Patched version: 1.2.2 There are high severity security vulnerabilities in two of ESLints dependencies:
The releases 1.8.3 and lower of svjsl (JSLib-npm) are vulnerable, but only if installed in a developer environment. A patch has been released (v1.8.4) which fixes these vulnerabilities.
Identifiers:
CVE-2020-7598 SNYK-JS-ACORN-559469 (does not have a CVE identifier)