search

ZacharyDonnelly / RawBase

Online code editor and code storage
0 stars 0 forks source link

fix(deps): update dependency loader-utils to v3.2.1 [security] #189

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
loader-utils 3.2.0 -> 3.2.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2022-37599

A regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils via the resourcePath variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or take a disproportional amount of time to process. This issue has been patched in versions 1.4.2, 2.0.4 and 3.2.1.

CVE-2022-37603

A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js. A badly or maliciously formed string could be used to send crafted requests that cause a system to crash or take a disproportional amount of time to process. This issue has been patched in versions 1.4.2, 2.0.4 and 3.2.1.

Release Notes

webpack/loader-utils ### [`v3.2.1`](https://togithub.com/webpack/loader-utils/blob/HEAD/CHANGELOG.md#​321-httpsgithubcomwebpackloader-utilscomparev320v321-2022-11-11) [Compare Source](https://togithub.com/webpack/loader-utils/compare/v3.2.0...v3.2.1)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.