CVE-2022-25858 terser-5.14.1 (Vulnerable Library) for react-scripts 5.0.1

Got a security vulnerable library from the scan for terser-5.14.1. The recommended version of terser is 5.14.2

https://www.mend.io/vulnerability-database/CVE-2022-25858


Path to vulnerable library: /ui/node_modules/terser/package.json
Dependency Hierarchy:
-> react-scripts-5.0.1.tgz (Root Library)
   -> terser-webpack-plugin-5.3.3.tgz
     -> ❌ terser-5.14.1.tgz (Vulnerable Library) 
     

└─┬ react-scripts@5.0.1
  ├─┬ html-webpack-plugin@5.5.0
  │ └─┬ html-minifier-terser@6.1.0
  │   └── terser@5.14.1  deduped
  ├─┬ terser-webpack-plugin@5.3.3
  │ └── terser@5.14.1 
  └─┬ workbox-webpack-plugin@6.5.4
    └─┬ workbox-build@6.5.4
      └─┬ rollup-plugin-terser@7.0.2
        └── terser@5.14.1  deduped



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2022-25858 terser-5.14.1 (Vulnerable Library) for react-scripts 5.0.1 #12659

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Uh oh!

CVE-2022-25858 terser-5.14.1 (Vulnerable Library) for react-scripts 5.0.1 #12659

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions