Skip to content

fix: resolve HIGH severity security vulnerabilities#7680

Merged
ArunBala-Bitgo merged 1 commit intomasterfrom
fix-vuln
Dec 3, 2025
Merged

fix: resolve HIGH severity security vulnerabilities#7680
ArunBala-Bitgo merged 1 commit intomasterfrom
fix-vuln

Conversation

@lcovar
Copy link
Contributor

@lcovar lcovar commented Dec 2, 2025

Add yarn resolutions to fix the following vulnerabilities:

  • validator (GHSA-vghf-hv5q-vc2g): ReDoS vulnerability in isEmail

    • Resolved by forcing validator@13.15.23 for tronweb dependency

  • valibot (GHSA-vqpr-j7v3-hqw9): ReDoS vulnerability in EMOJI_REGEX

    • Resolved by forcing valibot@1.2.0 for @iota/iota-sdk dependency

Ticket: BG-0

@lcovar lcovar requested a review from a team as a code owner December 2, 2025 23:28
@lcovar
fix: resolve HIGH severity security vulnerabilities
d1018c9 
Add yarn resolutions to fix the following vulnerabilities:

- validator (GHSA-vghf-hv5q-vc2g): ReDoS vulnerability in isEmail
  - Resolved by forcing validator@13.15.23 for tronweb dependency

- valibot (GHSA-vqpr-j7v3-hqw9): ReDoS vulnerability in EMOJI_REGEX
  - Resolved by forcing valibot@1.2.0 for @iota/iota-sdk dependency

Ticket: BG-0
@ArunBala-Bitgo ArunBala-Bitgo merged commit 4e7d8d0 into master Dec 3, 2025
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@therealdwright therealdwright therealdwright approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lcovar @therealdwright @ArunBala-Bitgo