Update webpack-compression-plugin for v14 to get updated serialize-javascript version #8857
Comments
caalador
added this to Needs triage
in OLD Vaadin Flow bugs & maintenance (Vaadin 10+)
via automation
caalador
added a commit
that referenced
this issue
Aug 24, 2020
joheriks
pushed a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
This was referenced Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
OLD Vaadin Flow bugs & maintenance (Vaadin 10+)
automation
moved this from Needs triage
to Closed
Aug 31, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current webpack-compression-plugin 3.1.0 has a dependency to serialize-javascript 2.1.2 which has a
severity https://nvd.nist.gov/vuln/detail/CVE-2020-7660
Updating the webpack-compression-plugin to 4.0.1 would bring in a fixed version of
serialize-javascriptIssue is present starting from 2.x
The text was updated successfully, but these errors were encountered: