Hi, vulnerability scanner detected two dependencies in the yarn.lock file as vulnerable version referenced.
Minimist:
CVE-2021-44906 - The vulnerability can be remediated by updating the library to version 1.2.6 or higher.
See:
|
minimist@^1.2.0, minimist@^1.2.5: |
Loader-Utils:
CVE-2022-37601 - The vulnerability can be remediated by updating the library to version 2.0.3 or higher.
See :
See:
|
loader-utils@^1.1.0, loader-utils@^1.2.3, loader-utils@^1.4.0: |
Ruby version: 3.2.0
Webpacker version: 5.4.3
Desired behavior: Could you update these two dependencies to the non-vulnerable versions? Thank you.
Hi, vulnerability scanner detected two dependencies in the yarn.lock file as vulnerable version referenced.
Minimist:
CVE-2021-44906 - The vulnerability can be remediated by updating the library to version 1.2.6 or higher.
See:
webpacker/yarn.lock
Line 5241 in e0c998e
Loader-Utils:
CVE-2022-37601 - The vulnerability can be remediated by updating the library to version 2.0.3 or higher.
See :
webpacker/yarn.lock
Line 4990 in e0c998e
See:
webpacker/yarn.lock
Line 4981 in e0c998e
Ruby version: 3.2.0
Webpacker version: 5.4.3
Desired behavior: Could you update these two dependencies to the non-vulnerable versions? Thank you.