This repository was archived by the owner on Aug 4, 2023. It is now read-only.

Vulnerability in dicer package  #640

@TheBrockEllis

According to NPM audit, the dicer package has been marked with a high vulnerability. Swagger-tools is impacted by this vulnerability by way of this path: swagger-tools > multer > busboy > dicer

CVE link: GHSA-wm7h-9275-46v2

The multer team has just recently updated their 1.x branch to include a fix in a backwards compatible way. The branch can be found here.

Is there any chance that swagger-tools could be updated to use v1.4.5-lts.1 of multer? Would be willing to put together the PR if desirable.
