You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
This package is dependent on an old version of postman-collection which is dependent on a vulnerable semver version.
To Reproduce
When running npm audit the following output appears:
semver 7.0.0 - 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/postman-collection/node_modules/semver
postman-collection 3.6.0-beta.1 - 4.1.7
Depends on vulnerable versions of semver
node_modules/postman-collection
postman-code-generators >=1.1.0
Depends on vulnerable versions of postman-collection
node_modules/postman-code-generators
3 moderate severity vulnerabilities
Describe the bug
This package is dependent on an old version of
postman-collectionwhich is dependent on a vulnerablesemverversion.To Reproduce
When running
npm auditthe following output appears:Fix suggestion
Update
postman-collectionto version4.4.0.Additional context
The text was updated successfully, but these errors were encountered: