fix(CVE-2020-7660): fix for RegExp.flags and Date.prototype.toISOString by redonkulus · Pull Request #207 · yahoo/serialize-javascript
gtcarlos-sage pushed a commit to gtcarlos-sage/serialize-javascript that referenced this pull request
Mar 2, 2026
smfeest added a commit to smfeest/buttercup that referenced this pull request
Mar 3, 2026
This is to resolve a security vulnerability in serialize-javascript 6.0.2 [1], which we had as a transitive dependency through webpack > terser-webpack-plugin. As it happens the fix for in terser-webpack-plugin 5.3.17 was to remove the dependency on serialize-javascript completely [2]. [1] yahoo/serialize-javascript#207 [2] webpack/terser-webpack-plugin#654
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters