You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yes, this behavior used to work in the previous version
The previous version in which this bug was not present was
13
Description
when running npm audit after upgrading angular version to 16 or 17, received the following vulnerability about loader-utils.
on npm ls loader-utils it's seem like it's in used of @angular-devkit/build-angular -> resolve-url-loader@5.0.0
Minimal Reproduction
npm audit & npm ls loader-utils
Exception or Error
npm audit report:
loader-utils 2.0.0 - 2.0.3
Severity: critical
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) - https://github.com/advisories/GHSA-hhq3-ff78-jv3g
Prototype pollution in webpack loader-utils - https://github.com/advisories/GHSA-76p3-8jx3-jpfq
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable - https://github.com/advisories/GHSA-3rfm-jhwj-7488
### Your Environment
```text
16.2.12
Anything else relevant?
No response
The text was updated successfully, but these errors were encountered:
Command
other
Is this a regression?
The previous version in which this bug was not present was
13
Description
when running
npm audit
after upgrading angular version to16
or17
, received the following vulnerability aboutloader-utils
.on
npm ls loader-utils
it's seem like it's in used of @angular-devkit/build-angular -> resolve-url-loader@5.0.0Minimal Reproduction
npm audit
&npm ls loader-utils
Exception or Error
Anything else relevant?
No response
The text was updated successfully, but these errors were encountered: