1.2.31

r-brown released this 28 Nov 16:57

· 38 commits to master since this release

updated: Allow custom properties for auto-created licensee
fixed: Prototype pollution in webpack loader-utils - CVE-2022-37601
fixed: Insufficient validation when decoding a Socket.IO packet - CVE-2022-2421
fixed: loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable - CVE-2022-37603
fixed: loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) - CVE-2022-37599
fixed: minimatch ReDoS vulnerability - CVE-2022-3517

Assets 2

Provide feedback