New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update webpack-compression-plugin for v14 to get updated serialize-javascript version #8857
Comments
caalador
added this to Needs triage
in OLD Vaadin Flow bugs & maintenance (Vaadin 10+)
via automation
Aug 17, 2020
caalador
added a commit
that referenced
this issue
Aug 24, 2020
joheriks
pushed a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
This was referenced Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
caalador
added a commit
that referenced
this issue
Aug 27, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
OLD Vaadin Flow bugs & maintenance (Vaadin 10+)
automation
moved this from Needs triage
to Closed
Aug 31, 2020
denis-anisimov
pushed a commit
that referenced
this issue
Aug 31, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current webpack-compression-plugin 3.1.0 has a dependency to serialize-javascript 2.1.2 which has a
severity https://nvd.nist.gov/vuln/detail/CVE-2020-7660
Updating the webpack-compression-plugin to 4.0.1 would bring in a fixed version of
serialize-javascript
Issue is present starting from 2.x
The text was updated successfully, but these errors were encountered: