[FP]: npm loader-utils@1.4.1 #5044
Comments
|
Npm Coordinates npm -i loader-utils@1.4.1Suppression rule: <suppress base="true">
<notes><![CDATA[
FP per issue #5044
]]></notes>
<packageUrl regex="true">^pkg:npm/loader-utils@.*$</packageUrl>
<cpe>cpe:/a:webpack.js:loader-utils</cpe>
</suppress>Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/3437067363 |
|
@Felk This was due to the vulnerability data at the NIST NVD datastreams. It has been updated meanwhile (at 11/17/2022 9:14:18 AM), but in future you can directly reach out to them using the "[Are we missing a CPE here? Please let us know]" link of the NVD page of the vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2022-37601) |
|
ah, good to know thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Package URl
pkg:npm/loader-utils@1.4.1
CPE
cpe:2.3:a:webpack.js:loader-utils:1.4.1:::::::*
CVE
CVE-2022-37601
ODC Integration
{"label"=>"Maven Plugin"}
ODC Version
7.3.0
Description
CVE-2022-37601 was also fixed in loader-utils@1.4.1 via backport, as per webpack/loader-utils#218 and https://github.com/webpack/loader-utils/releases/tag/v1.4.1
The text was updated successfully, but these errors were encountered: