[CVE] Resolve jpeg-js to 0.4.4 (opensearch-project#1753) (opensearc…

…h-project#1757) Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: opensearch-project#1725 Signed-off-by: Kawika Avilla <kavilla414@gmail.com> (cherry picked from commit 2a159e8) Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
cliu123 · Jun 30, 2022 · 00463c0 · 00463c0
1 parent 50a641a
commit 00463c0
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/yarn.lock b/yarn.lock
@@ -11486,9 +11486,9 @@ joi@^17.3.0:
     "@sideway/pinpoint" "^2.0.0"
 
 jpeg-js@^0.4.0:
-  version "0.4.3"
-  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.3.tgz#6158e09f1983ad773813704be80680550eff977b"
-  integrity sha512-ru1HWKek8octvUHFHvE5ZzQ1yAsJmIvRdGWvSoKV52XKyuyYA437QWDttXT8eZXDSbuMpHlLzPDZUPd6idIz+Q==
+  version "0.4.4"
+  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.4.tgz#a9f1c6f1f9f0fa80cdb3484ed9635054d28936aa"
+  integrity sha512-WZzeDOEtTOBK4Mdsar0IqEU5sMr3vSV2RqkAIzUEV2BHnUfKGyswWFPFwK5EeDo93K3FohSHbLAjj0s1Wzd+dg==
 
 jquery@^3.5.0:
   version "3.6.0"