Skip to content

vulnerable package version of custom-webpack being used inside build-angular for v12 #22433

Closed
@iRealNirmal

Description

@iRealNirmal

Recently GitHub dependbot showing vulnerability for ansi-html in package-lock.json for projects.

On back tracking it was coming from webpack-dev-server version 3.11.2 but it's removed in 3.11.3 patch update.

Once webpack-dev-server version is updated to v3.11.3 this issue will be resolved.

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions