Skip to content

[Security] - Bump prismjs from 1.25.0 -> 1.29.0 #434

Description

@matthew-heath

As part of dependabot vulnerability alerts set up on a private repository, the following alert shows for prismjs:

Screenshot 2024-03-21 at 11 22 05

The following PR fixed the above issue and it is suggested to upgrade to >=1.27.0 to avail of this.

Related CVE - https://www.cvedetails.com/cve/CVE-2022-23647/?q=CVE-2022-23647

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions