You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Snyk recently reported that one of Dashy's dependencies, Prism.js (which is used for syntax highlighting) has a critical vulnerability, in the form of Regular Expression Denial of Service (ReDoS) - re CVE-2021-32723 and CVE-400. The Snyk report can be found here.
Issue
Snyk recently reported that one of Dashy's dependencies, Prism.js (which is used for syntax highlighting) has a critical vulnerability, in the form of Regular Expression Denial of Service (ReDoS) - re CVE-2021-32723 and CVE-400. The Snyk report can be found here.
This was fixed by the Prism team in d85e30da6755fdbe7f8559f8e75d122297167018 and PR 2774. The results of which can be seen under Prism's Security Advisories.
Solution
Dashy's Prism dependency needs to be updated from
1.23.0
to the latest version (currently1.24.1
).Before submitting, please ensure that:
The text was updated successfully, but these errors were encountered: