-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vulnerability found in "ansi-regex" - CVE-2021-3807 #4135
Comments
apparently, this has been a problem for quite a few npm versions. |
Is there an estimated date for a fix for this issue? |
@AmitayBiton - Suggest you add the CVE number (CVE-2021-3807) to the title here, as it might increase visibility. Details of this high sev vulnerability in ansi-regex are found at: |
Actually, I see this is likely a duplicate of #3785 |
Closing: duplicate of #3785 |
cli/package.json
Line 72 in 4dbeb00
vulnerability found in "ansi-regex", child dependency of cli-table3
+-- cli-table3@0.6.0
| -- string-width@4.2.2 (at 4.2.3 it upgrades problematic dependencies)
| ---- strip-ansi@6.0.0
| ------ ansi-regex@5.0.0 (vulnerable version)
while updating npm it keep installing "ansi-regex@5.0.0" .
please remove or replace this package.
The text was updated successfully, but these errors were encountered: