Skip to content
This repository has been archived by the owner on Mar 17, 2021. It is now read-only.

Dependency vulnerability #127

Closed
hipstermojo opened this issue Jun 2, 2018 · 2 comments
Closed

Dependency vulnerability #127

hipstermojo opened this issue Jun 2, 2018 · 2 comments

Comments

@hipstermojo
Copy link

The mime dependency has a RegEx Denial of Service vulnerability when I run npm audit and I was wondering if you guys had any plans of changing this.
@Pimm
Copy link
Contributor

Pimm commented Jun 2, 2018

url-loader 1.0.1 depends on mime ^2.0.3, which shouldn't be vulnerable according to broofa/mime#167. Are you on 1.0.1?

@alexander-akait
Copy link
Member

alexander-akait commented Jun 4, 2018
edited

@hipstermojo please update you url-loader to latest version

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Pimm @alexander-akait @hipstermojo