Closed renovate[bot] closed 3 years ago
This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.
🔍 Inspect: https://vercel.com/zthxxx/react-dev-inspector/6h4VY9FDXBTrMwUPJnqfr2tbzBeS
✅ Preview: https://react-dev-insp-git-renovate-npm-is-svg-vulnerability-96a6ff.vercel.app
This PR contains the following updates:
3.0.0
->4.2.2
GitHub Vulnerability Alerts
CVE-2021-28092
The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, is-svg will get stuck processing the input for a very long time.
Configuration
:date: Schedule: "" (UTC).
:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.
:recycle: Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
:no_bell: Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.