Security vulnerability CVE-2022-36313 in file-type dependency

jakejarvis / hugo-extended

✏️ Plug-and-play Node.js wrapper for Hugo Extended, the awesomest static-site generator.

https://www.npmjs.com/package/hugo-extended

MIT License

25 stars 6 forks source link

Open anoophp777 opened 1 year ago

anoophp777 commented 1 year ago

Our scans detected CVE-2023-34462 in huge-extended via file-type.

The version of Hugo we are using is 0.113.0. Even the latest Hugo versions - 0.115.1 - have this issue.

Could you verify and fix it? Thank you.