Skip to content

Commit

Permalink
fix(@angular-devkit/build-angular): update loader-utils to 3.2.1
Browse files Browse the repository at this point in the history
`loader-utils` is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable.

See: GHSA-3rfm-jhwj-7488

Closes #24241
  • Loading branch information
alan-agius4 authored and dgp1130 committed Nov 16, 2022
1 parent d091bb0 commit f298ebb
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 2 deletions.
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@
"less-loader": "10.2.0",
"license-checker": "^25.0.0",
"license-webpack-plugin": "4.0.2",
"loader-utils": "3.2.0",
"loader-utils": "3.2.1",
"magic-string": "0.25.7",
"mini-css-extract-plugin": "2.5.3",
"minimatch": "3.0.5",
Expand Down
2 changes: 1 addition & 1 deletion packages/angular_devkit/build_angular/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
"less": "4.1.2",
"less-loader": "10.2.0",
"license-webpack-plugin": "4.0.2",
"loader-utils": "3.2.0",
"loader-utils": "3.2.1",
"mini-css-extract-plugin": "2.5.3",
"minimatch": "3.0.5",
"open": "8.4.0",
Expand Down
5 changes: 5 additions & 0 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -7322,6 +7322,11 @@ loader-utils@3.2.0:
resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-3.2.0.tgz#bcecc51a7898bee7473d4bc6b845b23af8304d4f"
integrity sha512-HVl9ZqccQihZ7JM85dco1MvO9G+ONvxoGa9rkhzFsneGLKSUg1gJf9bWzhRhcvm2qChhWpebQhP44qxjKIUCaQ==

loader-utils@3.2.1:
version "3.2.1"
resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-3.2.1.tgz#4fb104b599daafd82ef3e1a41fb9265f87e1f576"
integrity sha512-ZvFw1KWS3GVyYBYb7qkmRM/WwL2TQQBxgCK62rlvm4WpVQ23Nb4tYjApUlfjrEGvOs7KHEsmyUn75OHZrJMWPw==

loader-utils@^1.4.0:
version "1.4.0"
resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.4.0.tgz#c579b5e34cb34b1a74edc6c1fb36bfa371d5a613"
Expand Down

0 comments on commit f298ebb

Please sign in to comment.