You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Guys, we are using a dependency called svg-inline-loader which is using loader-utils@.4.2 which seems to be using json5@1.0.2 and since svg-inline-loader version we are using is the latest one, we would need for loader-utils to be on a version that is using a json5 version where the CVE has been patched or perhaps a version not needing that dependency at all.
Could you please advise as we need to resolve these vulnerabilities as soon as possible.
The text was updated successfully, but these errors were encountered:
loader-utils is deprecated and should not used in loader anymore, also loader-utils@0.4.2 is outdated and this CVE was fixed in the last version, so please ask developer(s) of svg-inline-loader update deps
Guys, we are using a dependency called
svg-inline-loaderwhich is usingloader-utils@.4.2which seems to be usingjson5@1.0.2and sincesvg-inline-loaderversion we are using is the latest one, we would need forloader-utilsto be on a version that is using ajson5version where the CVE has been patched or perhaps a version not needing that dependency at all.Could you please advise as we need to resolve these vulnerabilities as soon as possible.
The text was updated successfully, but these errors were encountered: