Expected Behavior
No CVEs
Current Behavior
Update Semver to patch CVE
pnpm audit
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate │ semver vulnerable to Regular Expression Denial of │
│ │ Service │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package │ semver │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <7.5.2 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions │ >=7.5.2 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths │ . > @commitlint/[email protected] > @commitlint/[email protected] > │
│ │ @commitlint/[email protected] > [email protected] │
│ │ │
│ │ . > [email protected] > @commitlint/[email protected] > │
│ │ @commitlint/[email protected] > │
│ │ @commitlint/[email protected] > [email protected] │
│ │ │
│ │ . > @commitlint/[email protected] > @commitlint/[email protected] > │
│ │ @commitlint/[email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] > │
│ │ [email protected] > [email protected] │
│ │ │
│ │ ... Found 6 paths, run `pnpm why semver` for more │
│ │ information │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info │ https://github.com/advisories/GHSA-c2qf-rxjj-qqgw │
└─────────────────────┴────────────────────────────────────────────────────────┘
2 vulnerabilities found
Severity: 2 moderate
Affected packages
Possible Solution
N/A
Steps to Reproduce
Context
N/A
commitlint --version
@commitlint/[email protected]
git --version
2.34.1
node --version
v18.16.0
Expected Behavior
No CVEs
Current Behavior
Update Semver to patch CVE
Affected packages
Possible Solution
N/A
Steps to Reproduce
Context
N/A
commitlint --version
@commitlint/[email protected]
git --version
2.34.1
node --version
v18.16.0