Airtable Webpack bundler is currently using webpack-dev-server version 4.0.0, which is affected by a known security vulnerability.
Vulnerability details:
Package: webpack-dev-server
Affected versions: < 5.2.1
Current version in use: 4.0.0
Vulnerability: Users’ source code may be exposed to theft when accessing a malicious website using a non-Chromium-based browser.
Fixed in: 5.2.1
Reference:
GitHub Security Advisory
Suggested fix:
Upgrade webpack-dev-server to version 5.2.1 or later to address the vulnerability.
Impact:
Developers using the Airtable webpack bundler may have their source code exposed if they access malicious websites using non-Chromium browsers during development.
Airtable Webpack bundler is currently using webpack-dev-server version 4.0.0, which is affected by a known security vulnerability.
Vulnerability details:
Package: webpack-dev-server
Affected versions: < 5.2.1
Current version in use: 4.0.0
Vulnerability: Users’ source code may be exposed to theft when accessing a malicious website using a non-Chromium-based browser.
Fixed in: 5.2.1
Reference:
GitHub Security Advisory
Suggested fix:
Upgrade webpack-dev-server to version 5.2.1 or later to address the vulnerability.
Impact:
Developers using the Airtable webpack bundler may have their source code exposed if they access malicious websites using non-Chromium browsers during development.