formio / formio.js

JavaScript powered Forms with JSON Form Builder
https://formio.github.io/formio.js
MIT License
1.83k stars 1.04k forks

vm2 critical severity #5665

Closed wesley3295 closed 2 days ago

wesley3295 commented 4 days ago

Describe the bug: There are 3 critical vulnerabilities regarding vm2, and yes, there is an audit fix, but it involves reverting back to formio version 4.2.0. My company is currently using version ^5.0.0-rc.30.

Version/Branch ^5.0.0-rc.30

To Reproduce npm i with version ^5.0.0-rc.30

Expected behavior no vulnerabilities


Is there a workaround that doesn't involve breaking changes?

lane-formio commented 3 days ago

I believe there might be some confusion here.

The vulnerability was in the formio library not formio.js.

wesley3295 commented 3 days ago

> I believe there might be some confusion here.
>
> The vulnerability was in the formio library not formio.js.

I'm a dummy, thank you.