Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Webpack 5.94.0 #728

Closed
2 tasks done
LVMVRQUXL opened this issue Sep 3, 2024 · 0 comments
Closed
2 tasks done

⬆️ Webpack 5.94.0 #728

LVMVRQUXL opened this issue Sep 3, 2024 · 0 comments
Assignees
@LVMVRQUXL
Labels
dependencies Managing dependencies. js Item related to the Kotlin/JS platform. security Security vulnerabilities.
Milestone
4.5.3

Comments

@LVMVRQUXL
Copy link
Contributor

LVMVRQUXL commented Sep 3, 2024
edited
Loading

📝 Description

Security vulnerability encountered by the Dependabot.

We want to bump Webpack from version 5.76.3 to 5.94.0 for fixing this security vulnerability.

✅ Checklist

  • ⬆️ Bump the dependency for fixing the security vulnerability.
  • 📝 Update the unreleased changelog for this issue.
@LVMVRQUXL LVMVRQUXL added security Security vulnerabilities. js Item related to the Kotlin/JS platform. labels Sep 3, 2024
@LVMVRQUXL LVMVRQUXL added this to the 4.5.3 milestone Sep 3, 2024
@LVMVRQUXL LVMVRQUXL added the dependencies Managing dependencies. label Sep 3, 2024
@LVMVRQUXL LVMVRQUXL self-assigned this Sep 7, 2024
@LVMVRQUXL LVMVRQUXL changed the title 🔒️ Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS ⬆️ Webpack 5.94.0 Sep 7, 2024
LVMVRQUXL added a commit that referenced this issue Sep 7, 2024
@LVMVRQUXL
⬆️ Bump webpack from 5.76.3 to 5.94.0 (#728)
3af0e92 
This commit fixes the following security vulnerability from Webpack: GHSA-4vvj-4cpr-p986.
LVMVRQUXL added a commit that referenced this issue Sep 10, 2024
@LVMVRQUXL
📝 Update unreleased changelog for #728
82a894b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LVMVRQUXL LVMVRQUXL

Labels
dependencies Managing dependencies. js Item related to the Kotlin/JS platform. security Security vulnerabilities.
Projects
None yet
Milestone
4.5.3
Development

No branches or pull requests
1 participant
@LVMVRQUXL