Security Vulnerability on loader-utils

Question

Security Vulnerability on loader-utils

Closed this issue 2 years ago · 0 comments

Recent vulnerability scan shows that the color-tables project is vunerable to this Prototype Pollution issue
https://security.snyk.io/vuln/SNYK-JS-LOADERUTILS-3043105

The loader-utils package is actually pull by the @storybook/addons-storysource

We don't have yet a new version of addons-storysource.
However, I think we could still fix it in the production version because we should only have dev dependency to storybook.