Hello,
There's a HIGH finding in the package cross-spawn, that is a dependency of quite a few packages (eslint among those).
Would it be possible to bump those packages? And eventually setup trivy or other tools to avoid these in the future?
Finding: https://avd.aquasec.com/nvd/2024/cve-2024-21538/
Thanks!
Jules
Hello,
There's a HIGH finding in the package cross-spawn, that is a dependency of quite a few packages (eslint among those).
Would it be possible to bump those packages? And eventually setup trivy or other tools to avoid these in the future?
Finding: https://avd.aquasec.com/nvd/2024/cve-2024-21538/
Thanks!
Jules