mde/ejs

How to fix CVE-2023-29827 ?

kraison1 opened this issue · 1 comments

kraison1 commented

I have a problem with black duck
@mde
Ref nvd: https://nvd.nist.gov/vuln/detail/CVE-2023-29827

Dependency Path: react-scripts (5.0.1) -> workbox-build (6.6.0) -> @surma/rollup-plugin-off-main-thread (2.2.3) -> ejs(3.1.9)

Img nvd
Screen-Shot-2566-06-26-at-11.40.097f8bd4d89d054c96.png

Img black duck
Screen-Shot-2566-06-26-at-11.23.03.png

RyanZim commented

Erroneous vulnerability report; dupe of #720.