chalk/wrap-ansi

Wrap-Ansi using vulnerable packages

Hunter343 opened this issue · 0 comments

wrap-ansi is using packages that are vulnerable to Inefficient Regular Expression Complexity (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3807). This vulnerability lives in ansi-regex 5.0.1 and has been resolved in ansi-regex 6.0.1.

wrap-ansi needs to update the dependencies string-width and strip-ansi to their current version to resolve this vulnerability