Medium severity vuln found in mem@1.1.0, introduced via yargs@11.1.0

Question

Medium severity vuln found in mem@1.1.0, introduced via yargs@11.1.0

trollepierre opened this issue 6 years ago · comments

✗ Medium severity vuln found in mem@1.1.0, introduced via libnpx@10.2.0
Description: Denial of Service (DoS)
Info: https://snyk.io/vuln/npm:mem:20180117
From: libnpx@10.2.0 > yargs@11.1.0 > os-locale@2.1.0 > mem@1.1.0

Eric Holmes · Answer 1 · Thu Mar 07 2019 00:46:24 GMT+0800 (China Standard Time)

+1 for this!

Robert · Answer 2 · Thu May 30 2019 04:36:37 GMT+0800 (China Standard Time)

Any chance of seeing an update to use yars@^12.0.2 (to get to os-locale 3 and then to mem 3)?