facebook / react

The library for web and native user interfaces.
https://react.dev
MIT License
229.85k stars 47.06k forks

React - npm audit - 4 moderate severity vulnerabilities - Need solution please. #27002

Closed gsenthilnathan closed 7 months ago

gsenthilnathan commented 1 year ago

npm audit report

semver <7.5.2
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
No fix available
node_modules/@babel/core/node_modules/semver
node_modules/@babel/helper-compilation-targets/node_modules/semver
  @babel/core
  Depends on vulnerable versions of @babel/helper-compilation-targets
  Depends on vulnerable versions of semver
  node_modules/@babel/core
    @vitejs/plugin-react
    Depends on vulnerable versions of @babel/core
    node_modules/@vitejs/plugin-react
  @babel/helper-compilation-targets >=7.8.1
  Depends on vulnerable versions of semver
  node_modules/@babel/helper-compilation-targets

4 moderate severity vulnerabilities

Some issues need review, and may require choosing a different dependency.

martinyis commented 1 year ago

Hi, can I work on this issue?

satkhan commented 1 year ago

Override in package.json and perform audit fix.

"overrides": { "semver": "~7.5.2" },

This will leave the vulnerability as we speak, but I am still figuring out what it is exactly. For now it will solve your issue.
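After adding an override like the one in the comment above and running `npm install`, it is worth confirming that no copy of semver in the flagged range is still installed. The following is an added example, not part of the original thread or the React project, that checks a lockfile's `packages` map against the `<7.5.2` range from the audit report. The function names and the sample lockfile data are assumptions constructed for illustration.

```javascript
// Added example (not from the issue thread). Threshold comes from the audit
// report on this page: "semver <7.5.2".
const FLAGGED_BELOW = [7, 5, 2];

// Parse "MAJOR.MINOR.PATCH[-prerelease][+build]"; returns null if malformed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$/.exec(String(v));
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when v sorts below the threshold. A prerelease of the threshold itself
// (e.g. 7.5.2-rc.1) and any unparseable version are reported conservatively.
function isFlagged(v, below = FLAGGED_BELOW) {
  const p = parseVersion(v);
  if (!p) return true;
  for (let i = 0; i < 3; i++) {
    if (p.nums[i] !== below[i]) return p.nums[i] < below[i];
  }
  return p.pre;
}

// Walk the "packages" map of a package-lock.json (lockfileVersion 2 or 3) and
// return every installed copy of semver that is still in the flagged range.
function findFlaggedSemver(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const isSemver = path === "node_modules/semver" || path.endsWith("/node_modules/semver");
    if (isSemver && isFlagged(meta.version)) hits.push({ path, version: meta.version });
  }
  return hits;
}

// Constructed lockfile fragments: the nested paths mirror the audit report,
// the version numbers are made up for illustration.
const before = { packages: {
  "node_modules/@babel/core": { version: "0.0.0-sample" },
  "node_modules/@babel/core/node_modules/semver": { version: "6.3.0" },
  "node_modules/@babel/helper-compilation-targets/node_modules/semver": { version: "6.3.0" },
} };
const after = { packages: {
  "node_modules/@babel/core": { version: "0.0.0-sample" },
  "node_modules/semver": { version: "7.5.4" },
} };

console.log("before override:", findFlaggedSemver(before));
console.log("after override: ", findFlaggedSemver(after));
```

On a real project, pass `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` to `findFlaggedSemver`. Because an override replaces the version every dependent receives regardless of the range that dependent declared, re-run the build and tests after applying it.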

github-actions[bot] commented 7 months ago

This issue has been automatically marked as stale. If this issue is still affecting you, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize it yet. If you have any new additional information, please include it with your comment!

github-actions[bot] commented 7 months ago

Closing this issue after a prolonged period of inactivity. If this issue is still present in the latest release, please create a new issue with up-to-date information. Thank you!