You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that npm audit is reporting the following high NPM vulnerability.
pdfjs-dist <=4.1.392
Severity: high
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF - https://github.com/advisories/GHSA-wgrm-67xf-hhpq
fix available via `npm audit fix --force`
Will install @govtechsg/[email protected], which is a breaking change
node_modules/pdfjs-dist
@govtechsg/purple-hats >=0.9.19
Depends on vulnerable versions of pdfjs-dist
node_modules/@govtechsg/purple-hats
I noticed that
npm audit
is reporting the following high NPM vulnerability.The package.json seems to contain a very specific version of the package: https://github.com/GovTechSG/purple-a11y/blob/master/package.json#L20
The text was updated successfully, but these errors were encountered: