You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Looks MapBox polyline depends on meow which has dependency on normalize-package-data and semver.
But the latest MapBox polyline is referencing the semver@5.7.2 which has CVE-2022-25883 security issue.
Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.
Could you please help to upgrade the meow to latest? Thanks.
The text was updated successfully, but these errors were encountered:
Looks
MapBox polyline
depends onmeow
which has dependency onnormalize-package-data
andsemver
.But the latest
MapBox polyline
is referencing thesemver@5.7.2
which has CVE-2022-25883 security issue.Could you please help to upgrade the
meow
to latest? Thanks.The text was updated successfully, but these errors were encountered: