New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v3.11.2 vulnerability from execa@1.0.0 #2984

Closed

1 of 2 tasks

tomasAlabes opened this issue Feb 2, 2021 · 2 comments

Closed

1 of 2 tasks

v3.11.2 vulnerability from execa@1.0.0 #2984

tomasAlabes opened this issue Feb 2, 2021 · 2 comments

tomasAlabes commented Feb 2, 2021 •

edited

Operating System: Mac
Node Version: 12.19.1
NPM Version: 6.14.8
webpack Version: 4.46.0
webpack-dev-server Version: 3.11.2
Browser:

This is a bug
This is a modification request

Actual Behavior

sonatype-2019-0206 vulnerability found through:

webpack-dev-server@3.11.2 -> internal-ip@^4.3.0 -> default-gateway@^4.2.0 -> execa@^1.0.0

sonatype-2019-0206 | 9.8 | execa : 0.7.0 | 2.0.1+

Example of npm tracking it: npm/cli#1490

The text was updated successfully, but these errors were encountered:

Member

alexander-akait commented Feb 2, 2021

We can't fix it without breaking change, sorry

Member

alexander-akait commented Feb 12, 2021

Fixed for v4 https://github.com/webpack/webpack-dev-server/blob/master/package.json#L49

alexander-akait closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment