diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index c7167fc6b..9d5c96c01 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -77,7 +77,7 @@ catalogs: version: 3.1.1 overrides: - path-to-regexp@<0.1.10: 0.1.10 + path-to-regexp@<0.1.12: 0.1.12 minimatch@<3.1.4: 3.1.4 axios@>=1.0.0 <=1.13.4: 1.13.5 svgo@>=3.0.0 <3.3.3: 3.3.3 @@ -7332,8 +7332,8 @@ packages: resolution: {integrity: sha512-3O/iVVsJAPsOnpwWIeD+d6z/7PmqApyQePUtCndjatj/9I5LylHvt5qluFaBT3I5h3r1ejfR056c+FCv+NnNXg==} engines: {node: 18 || 20 || >=22} - path-to-regexp@0.1.10: - resolution: {integrity: sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w==} + path-to-regexp@0.1.12: + resolution: {integrity: sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==} path-to-regexp@8.3.0: resolution: {integrity: sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==} @@ -15457,7 +15457,7 @@ snapshots: methods: 1.1.2 on-finished: 2.4.1 parseurl: 1.3.3 - path-to-regexp: 0.1.10 + path-to-regexp: 0.1.12 proxy-addr: 2.0.7 qs: 6.11.0 range-parser: 1.2.1 @@ -17650,7 +17650,7 @@ snapshots: lru-cache: 11.2.6 minipass: 7.1.3 - path-to-regexp@0.1.10: {} + path-to-regexp@0.1.12: {} path-to-regexp@8.3.0: {} diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index efe803e5e..b6ff51aaa 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -1,7 +1,7 @@ overrides: - # Fix CVE-2024-45296 / GHSA-9wv6-86v2-598j: path-to-regexp ReDoS vulnerability + # Fix CVE-2024-45296 / GHSA-9wv6-86v2-598j and CVE-2024-52798 / GHSA-rhx6-c78j-4q9w: path-to-regexp ReDoS vulnerability # Transitive via mintlify -> @mintlify/previewing -> express@4.18.2 - "path-to-regexp@<0.1.10": "0.1.10" + "path-to-regexp@<0.1.12": "0.1.12" # Fix CVE-2026-27904 / GHSA-23c5-xmqv-rm74: minimatch ReDoS vulnerability # Transitive via @stoplight/spectral-core "minimatch@<3.1.4": "3.1.4"