Update vulnerable package

Open on Drupal.org →

Created on 20 December 2024, 4 months ago

Hello,

As the parent issue, there is one vulnerable package used in package-lock.json : nanoid.
There is a CVE (https://avd.aquasec.com/nvd/cve-2024-55565) with a medium severity for version 3.3.7
Is it possible to update it to 3.3.8 ?

Thank you !

📌 Task

Status

Active

Component

Code

Created by

🇫🇷France amaloisel

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Comments & Activities

Issue created by @amaloisel

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024