You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It looks like google-fonts-plugin has a dependency on axios. In package.json, axios is listed as a dependency with version "^0.19.0"
Unfortunately this version of axios has a high severity vulnerability. My npm audit says this:
High Server-Side Request Forgery
Package axios
Patched in >=0.21.1
Dependency of google-fonts-plugin [dev]
Path google-fonts-plugin > axios
So I think if you change the axios dependency from "^0.19.0" to "^0.21.1", this might be fixed.
The text was updated successfully, but these errors were encountered:
It looks like google-fonts-plugin has a dependency on axios. In package.json, axios is listed as a dependency with version "^0.19.0"
Unfortunately this version of axios has a high severity vulnerability. My npm audit says this:
High Server-Side Request Forgery
Package axios
Patched in >=0.21.1
Dependency of google-fonts-plugin [dev]
Path google-fonts-plugin > axios
So I think if you change the axios dependency from "^0.19.0" to "^0.21.1", this might be fixed.
The text was updated successfully, but these errors were encountered: