Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

critical: ReDoS vulnerability from inquirer v8.2.0 #883

Open
ChidanandanP opened this issue Dec 16, 2021 · 1 comment
Open

critical: ReDoS vulnerability from inquirer v8.2.0 #883

ChidanandanP opened this issue Dec 16, 2021 · 1 comment

Comments

@ChidanandanP
Copy link

ChidanandanP commented Dec 16, 2021
edited
Loading

Hi Team, there is a high vulnerability found in ansi-regex library for Regular Expression Denial of Service (ReDoS).
This library is used by inquirer v8.2.0.

Please increase the inquirer library to latest version. Already a PR is open for that, please merge it as soon as possible:
#874

Refer the below urls to find more about vulnerability

https://snyk.io/advisor/npm-package/inquirer
https://snyk.io/vuln/npm:ansi-regex
@ChidanandanP ChidanandanP changed the title ReDoS vulnerability from inquirer v8.2.0 critical: ReDoS vulnerability from inquirer v8.2.0 Dec 16, 2021
@ericcornelissen ericcornelissen mentioned this issue Jan 8, 2022
Merged
1 task
@OmgImAlexis
Copy link

#874 has been merged and new release is out with the changes included. This can be closed.

@keeganstreet keeganstreet mentioned this issue Jan 20, 2023
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@OmgImAlexis @ChidanandanP