You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello, Dependabot Alerts told us, that all versions of package trim-off-newlines are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing - CVE-2021-23425.
This package is used in conventional-commits-parser.
There is already an open issue for trim-newlines#823. I think this is the same issue, just in a different package.
The text was updated successfully, but these errors were encountered:
Trott
added a commit
to Trott/conventional-changelog
that referenced
this issue
Sep 8, 2021
Hello, Dependabot Alerts told us, that all versions of package
trim-off-newlines
are vulnerable to Regular Expression Denial of Service (ReDoS) via string processing - CVE-2021-23425.This package is used in
conventional-commits-parser
.There is already an open issue for
trim-newlines
#823. I think this is the same issue, just in a different package.The text was updated successfully, but these errors were encountered: