Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Critical Vulnerabilities #16

Open
ghost opened this issue Dec 4, 2022 · 1 comment
Open

Critical Vulnerabilities #16

ghost opened this issue Dec 4, 2022 · 1 comment

Comments

@ghost
Copy link

ghost commented Dec 4, 2022

Currently getting the following on npm install using import-glob-loader with webpack

Severity: critical
Prototype pollution in webpack loader-utils - https://github.com/advisories/GHSA-76p3-8jx3-jpfq
No fix available
node_modules/import-glob-loader/node_modules/loader-utils
  import-glob-loader  *
  Depends on vulnerable versions of loader-utils
  node_modules/import-glob-loader

2 critical severity vulnerabilities
@ymzkjpx
Copy link

ymzkjpx commented Apr 27, 2023

@cognaciousthunk
Hi.
I faced the same problem too.
Thank you for listing the ISSUE first.

It may be important to wait for this author's response, but I solved the problem by using this package.
I will be glad if it helps.
terpiljenya/import-glob: ES6 import with glob patterns (preloader for Webpack) https://github.com/terpiljenya/import-glob

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ymzkjpx