Vulnerability in dependency `marked`
sareh opened this issue · comments
Sareh commented
There is a vulnerability in the dependency marked
that is used in this package: https://github.com/tuchk4/storybook-readme/blob/master/packages/storybook-readme/package.json
https://www.npmjs.com/advisories/1076/versions.
It is fixed in version 0.7.0
Valerii Sorokobatko commented
will publish today later
Daniel Testa commented
Looks good in 5.0.8 - thanks @tuchk4!
Valerii Sorokobatko commented
gbluv commented
We are trying to use version 6.0.28 and seeing this vulnerability https://snyk.io/vuln/SNYK-JS-TRIM-1017038