Fix vulnerability in dependencies

marp-team / marpit

The skinny framework for creating slide deck from Markdown

https://marpit.marp.app/

MIT License

964 stars 46 forks source link

Closed yhatt closed 3 years ago

yhatt commented 3 years ago

Fixed vulnerability in dependencies.

[HIGH] CVE-2021-23358: Arbitrary Code Execution in underscore
- JSDoc is depending on vulnerable outdated underscore.
[MODERATE] CVE-2021-23362: Regular Expression Denial of Service in hosted-git-info
- Applied a patch as same as Marp CLI.