Bump next version to >=14.2.10 to address vulnerabilities
Closed this issue · 1 comments
deeprisk-ajohn commented
Describe the Bug
Not sure what the schedule is to address renovate dependency updates, but I figure this one that would help cover a couple of vulnerabilities:
GHSA-gp8f-8m3g-qvj9 (High, requires next@>=14.2.10)
GHSA-g77x-44xx-532m (Medium, requires next@>=14.2.7)
Which package is affected (leave empty if unsure)
react-email
Link to the code that reproduces this issue
N/A
To Reproduce
N/A
Expected Behavior
N/A
What's your node version? (if relevant)
N/A
gabrielmfern commented
There are no React Email packages that are using NextJS < 14.2.10 actually,