Replies: 1 comment
-
|
Hi @manuweg, the vulnerable package is used by pdf2pic |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
will you be updating this any time soon?
`# npm audit report
cross-spawn <6.0.6 || >=7.0.0 <7.0.5
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - GHSA-3xgq-45jj-v275
Regular Expression Denial of Service (ReDoS) in cross-spawn - GHSA-3xgq-45jj-v275
No fix available
node_modules/cross-spawn
node_modules/gm/node_modules/cross-spawn
gm >=1.23.0
Depends on vulnerable versions of cross-spawn
node_modules/gm
pdf2pic *
Depends on vulnerable versions of gm
node_modules/pdf2pic`
Beta Was this translation helpful? Give feedback.
All reactions