同学，您这个项目引入了300个开源组件，存在1个漏洞，辛苦升级一下

[ghost]

检测到 tbreuss/mithril-by-examples 一共引入了300个开源组件，存在1个漏洞

漏洞标题：Socketio Engineio 资源管理错误漏洞
漏洞编号：CVE-2020-36048
漏洞描述：Socketio Engineio是Socketio社区的一个基于Javascript用于浏览器与设备进行双向通信的实时引擎。
Socketio Engine.IO before 4.0.0 存在安全漏洞，攻击者可利用该漏洞通过对长轮询传输的POST请求导致拒绝服务(资源消耗)。
影响范围：(∞, 4.0.0)
最小修复版本：4.0.0
缺陷组件引入路径：mithril-by-examples@1.0.0->@11ty/eleventy@1.0.0->browser-sync@2.27.7->socket.io@2.4.0->engine.io@3.5.0

另外还有几个漏洞，详细报告：https://mofeisec.com/jr?p=n50cc9

[tbreuss]

@Kwaisece

(Translated to English) Hello, classmates, the above vulnerability report is a report of several vulnerabilities in this project when my IDE is running, and the security plug-in prompts you to fix it. I am worried that other people will also use your project to introduce these vulnerabilities. . :)

Thanks for the report. I'll try to fix this soon.