Security Vulnerability - loader-utils 2.0.2

[rodoabad]

@pmmmwh a lock rebuild should fix this or us updating ^2.0.0 to the latest v3 version.

https://www.mend.io/vulnerability-database/CVE-2022-37599

[hnjoshi]

+1
I am seeing the same vulnerability in scan. It will be very helpful if loader-utils is updated to v3.

[pmmmwh]

To my understanding, it is possible to update to loader-utils@2.0.3 which fixes this CVE without having us update to v3. That should be possible once you do a lockfile rebuild.

[gouthamr22]

+1
I am seeing the same issue could you update it to loader-utils - 3.0.0

[hnjoshi]

@pmmmwh currently npm install is not fetching 2.0.3 loader-utils. So can you please help update the loader-utils in your pkg json so that we can get updated version?

[pbochnak]

Hi Guys, when can we expect a release with updated loader-utils?

[pmmmwh]

Fixed by #685