Vulnerable versions: >= 6.0.0, < 6.4.1
Patched version: 6.4.1
There are high severity security vulnerabilities in two of ESLints dependencies:
The releases 1.8.3 and lower of svjsl (JSLib-npm) are vulnerable, but only if installed in a developer environment. A patch has been released (v1.8.4) which fixes these vulnerabilities.
SNYK-JS-ACORN-559469 (doesn't have a CVE identifier)
- Update all related PMM components
- Update description to explain how PMM is affected