Hi, I noticed that speaker has an open CVE since february 20, 2024 that shows up as "high severity" when installing the package via npm. It is in the GitHub advisories repository (GHSA-w5fc-gj3h-26rx)
I couldn't find any discussion about this CVE. Can this be investigated? From the CVE report, it actually doesn't look severe in my opinion. Still, it should be addressed.
npm audit
Hi, I noticed that
speakerhas an open CVE since february 20, 2024 that shows up as "high severity" when installing the package via npm. It is in the GitHub advisories repository (GHSA-w5fc-gj3h-26rx)I couldn't find any discussion about this CVE. Can this be investigated? From the CVE report, it actually doesn't look severe in my opinion. Still, it should be addressed.
npm audit