postcss Denial of Service
Closed this issue · 2 comments
TerrenceBerg commented
I have a problem with "postcss": "^7.0.35",
When I run npm audit this is what I get.
postcss 7.0.0 - 8.2.9
Severity: moderate
Regular Expression Denial of Service - https://npmjs.com/advisories/1693
fix available via npm audit fix --force
Will install resolve-url-loader@2.3.2, which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
resolve-url-loader 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
TerrenceBerg commented
Thank you Ben!
… On May 20, 2021, at 3:03 PM, Ben Holloway ***@***.***> wrote:
Please refer to #198 <#198> for solutions
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub <#203 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACC5T6OQQETOT267MZYUSPTTOWBKZANCNFSM45HRKLUA>.