search

tleunen / babel-plugin-module-resolver

Custom module resolver plugin for Babel
MIT License
3.46k stars 205 forks source link

Vulnerability json5 #439

Closed krzy789 closed 1 year ago

krzy789 commented 1 year ago 
├─┬ babel-plugin-module-resolver@4.1.0
│ └─┬ find-babel-config@1.2.0
│   └── json5@0.5.1

json5 <2.2.2 Severity: high Prototype Pollution in JSON5 via Parse Method - https://github.com/advisories/GHSA-9c47-m6qq-7p4h

karlhorky commented 1 year ago

Also reported in find-babel-config over here:

tleunen commented 1 year ago

v5 has been released with the new version