New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vulnerability in node-sass > sass-graph > yargs > yargs-parser #2912
Comments
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
xzyfer
added a commit
that referenced
this issue
May 4, 2020
This release fixes #2912 without breaking BC. See xzyfer/sass-graph#110
Merged
This comment has been minimized.
This comment has been minimized.
Fixed in v4.14.1 |
This was referenced Mar 9, 2021
This was referenced Mar 17, 2021
This was referenced Mar 17, 2021
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
After npm install --save-dev node-sass sass-loader
Get this report:
Low Prototype Pollution
Package yargs-parser
Patched in >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2
Dependency of node-sass [dev]
Path node-sass > sass-graph > yargs > yargs-parser
More info https://npmjs.com/advisories/1500
The text was updated successfully, but these errors were encountered: