You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Do you want to request a feature, report a bug or ask a question?
Vulnerability
What is the current behavior?
Running npm audit fix suggests rolling back svg-sprite-loader to 2.0.3
What is the expected behavior?
Being able to use the latest version
Please tell us about your environment:
Node.js version: 16.14.0
webpack version: 5.72.1
svg-sprite-loader version: 6.0.11
OS type & version: windows 10
Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. stackoverflow, gitter, etc)
`postcss <7.0.36
Severity: moderate
Regular Expression Denial of Service in postcss - https://github.com/advisories/GHSA-566m-qj78-rww5
fix available via npm audit fix --force
Will install svg-sprite-loader@2.0.3, which is a breaking change
node_modules/postcss
svg-baker >=1.2.5
Depends on vulnerable versions of postcss
node_modules/svg-baker
svg-baker-runtime >=1.4.0-alpha.10475b37
Depends on vulnerable versions of svg-baker
node_modules/svg-baker-runtime
svg-sprite-loader >=2.0.4
Depends on vulnerable versions of svg-baker
Depends on vulnerable versions of svg-baker-runtime
node_modules/svg-sprite-loader
4 moderate severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force`
The text was updated successfully, but these errors were encountered:
Do you want to request a feature, report a bug or ask a question?
Vulnerability
What is the current behavior?
Running
npm audit fixsuggests rolling back svg-sprite-loader to2.0.3What is the expected behavior?
Being able to use the latest version
Please tell us about your environment:
Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. stackoverflow, gitter, etc)
The text was updated successfully, but these errors were encountered: