Fix vulnerability in v1 of loader-utils

[daniluk4000]

We did discuss this in PMs but I'll also create corresponding issue, @alexander-akait.

Motivation

1. v1 version of this library is still used in many libraries and people who didn't yet migrate to Webpack 5
2. v1 has almost 20 millions of weekly downloads
3. The fix is single-line and easy to implement

Request

Please create branch v1.0.0 with latest commit (1.4.0) and add changes from #217 here as 1.4.1 version. This shouldn't add any breaking changes and will fix critical vulnerability.

Thanks!

[alexander-akait]

Fixed and released https://github.com/webpack/loader-utils/releases/tag/v1.4.1

[nukeop]

Whats the attack vector here? How can this be exploited?