You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
4.46 is currently labeled as vulnerable to the CVE. This is either a lack of version-info linking at Sonatype, or their researchers consider older versions vulnerable as well. You should raise your concerns with Sonatype. See https://ossindex.sonatype.org/component/pkg:npm/webpack@4.46.0
Package URl
pkg:npm/webpack@4.46.0
CPE
cpe:2.3:a:webpack.js:webpack:4.46.0:::::::*
CVE
CVE-2023-28154
ODC Integration
None
ODC Version
8.4.0
Description
CVE reports "Webpack 5 before 5.76.0", but the proper range is 5.0.0 -> 5.76.0, Webpack 4 is unaffected.
See: webpack/webpack#16500 (comment)
The text was updated successfully, but these errors were encountered: