vulnerability found in "ansi-regex" - CVE-2021-3807 #4135
Comments
|
apparently, this has been a problem for quite a few npm versions. |
|
Is there an estimated date for a fix for this issue? |
|
@AmitayBiton - Suggest you add the CVE number (CVE-2021-3807) to the title here, as it might increase visibility. Details of this high sev vulnerability in ansi-regex are found at: |
|
Actually, I see this is likely a duplicate of #3785 |
AmitayBiton
changed the title
|
Closing: duplicate of #3785 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
cli/package.json
Line 72 in 4dbeb00
vulnerability found in "ansi-regex", child dependency of cli-table3
+-- cli-table3@0.6.0
| -- string-width@4.2.2 (at 4.2.3 it upgrades problematic dependencies)
| ---- strip-ansi@6.0.0
| ------ ansi-regex@5.0.0 (vulnerable version)
while updating npm it keep installing "ansi-regex@5.0.0" .
please remove or replace this package.
The text was updated successfully, but these errors were encountered: