Update d3-scale and d3-scale-chromatic dependency with high severity vulnerability
fresheneesz opened this issue · comments
npm audit
shows that this transitively depends on d3-color v2 which has a high CVE. Updating d3-scale to v3.1+ and d3-scale-chromatic to v3 would solve this.
react-wordcloud@1.2.7 > d3-scale@3.3.0 > d3-interpolate@2.0.1 > d3-color@2.0.0
react-wordcloud@1.2.7 > d3-scale-chromatic@1.5.0 > d3-color@1.4.1
Ah, sorry, de-interpolate needs to update first