Open andrem0 opened 1 year ago
Audited version: 0.9.8
Result: │ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss │ More info │ https://www.npmjs.com/advisories/1070012
│ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss-modules-extract-imports > postcss │ More info │ https://www.npmjs.com/advisories/1070012
│ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss-modules-resolve-imports > icss-utils > postcss │ More info │ https://www.npmjs.com/advisories/1070012
│ critical │ Prototype pollution in webpack loader-utils │ Package │ loader-utils │ Patched in │ >=1.4.1 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > generic-names > loader-utils │ More info │ https://www.npmjs.com/advisories/1084924
@ricokahler will you address this in a hotfix, or give any update on whether this is fixed in the coming v1, and when v1 will be released?
Audited version: 0.9.8
Result: │ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss
│ More info │ https://www.npmjs.com/advisories/1070012
│ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss-modules-extract-imports > postcss │ More info │ https://www.npmjs.com/advisories/1070012
│ moderate │ Regular Expression Denial of Service in postcss │ Package │ postcss │ Patched in │ >=7.0.36
│ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > postcss-modules-resolve-imports > icss-utils > postcss │ More info │ https://www.npmjs.com/advisories/1070012
│ critical │ Prototype pollution in webpack loader-utils │ Package │ loader-utils │ Patched in │ >=1.4.1 │ Dependency of │ sanity-codegen │ Path │ sanity-codegen > babel-plugin-css-modules-transform > css-modules-require-hook > generic-names > loader-utils │ More info │ https://www.npmjs.com/advisories/1084924
@ricokahler will you address this in a hotfix, or give any update on whether this is fixed in the coming v1, and when v1 will be released?