PRISMA-2022-0039 in minimatch version 3.0.4 dependency
Murali84 opened this issue · comments
Minimatch is flagged as HIGH vulnerability in PRISMA. Fix version found in 3.0.5.
PRISMA issue link: isaacs/minimatch@a8763f4
Can you please check and let me know if more info required?
This vulnerability is also listed here: https://nvd.nist.gov/vuln/detail/CVE-2022-3517#range-8457383
Add this to your package.json and test it
"overrides": {
"test-exclude": {
"minimatch": ">=3.0.5"
}
}