π [BUG]: path-to-regexp outputs backtracking regular expressions - https://github.com/advisories/GHSA-9wv6-86v2-598j No fix available #11384
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
π bug ζθΏ°
I am using
[email protected]with[email protected]and getting vulnerabilities notification.π· ε€η°ζ₯ιͺ€ | Recurrence steps
$ npm audit
# npm audit report
path-to-regexp 2.0.0 - 3.2.0
Severity: high
path-to-regexp outputs backtracking regular expressions - GHSA-9wv6-86v2-598j
No fix available
node_modules/@refinedev/antd/node_modules/path-to-regexp
@ant-design/pro-layout <=4.3.2 || 4.7.3 - 7.20.0
Depends on vulnerable versions of path-to-regexp
node_modules/@refinedev/antd/node_modules/@ant-design/pro-layout
**@refinedev/antd ***
Depends on vulnerable versions of @ant-design/pro-layout
node_modules/@refinedev/antd
3 high severity vulnerabilities
Some issues need review, and may require choosing
a different dependency.
$ npm ls path-to-regexp
my-project
βββ¬ @refinedev/[email protected]
β βββ¬ @ant-design/[email protected]
β βββ [email protected]
βββ¬ @refinedev/[email protected]
βββ¬ @refinedev/[email protected] invalid: "1.1.36" from node_modules/@refinedev/devtools
βββ¬ [email protected]
βββ [email protected]
$ npm ls send
my-project
βββ¬ @refinedev/[email protected]
βββ¬ @refinedev/[email protected] invalid: "1.1.36" from node_modules/@refinedev/devtools
βββ¬ [email protected]
βββ [email protected]
βββ¬ [email protected]
βββ [email protected] deduped
π ζζη»ζ | Expected results
π» ε€η°δ»£η | Recurrence code
Β© ηζ¬δΏ‘ζ―
π ε Άδ»δΏ‘ζ―
The text was updated successfully, but these errors were encountered: