[CVE] Resolve jpeg-js to 0.4.4 (#1753) (#1757)

Addresses Denial of Service (DoS) issue where a particular piece of input will cause to enter an infinite loop and never return. CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851 Issue Resolved: #1725 Signed-off-by: Kawika Avilla <[email protected]> (cherry picked from commit 2a159e8) Co-authored-by: Kawika Avilla <[email protected]>
opensearch-project · Jun 17, 2022 · 25e6835 · 25e6835
1 parent 45c5a53
commit 25e6835
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/yarn.lock b/yarn.lock
@@ -11486,9 +11486,9 @@ joi@^17.3.0:
     "@sideway/pinpoint" "^2.0.0"
 
 jpeg-js@^0.4.0:
-  version "0.4.3"
-  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.3.tgz#6158e09f1983ad773813704be80680550eff977b"
-  integrity sha512-ru1HWKek8octvUHFHvE5ZzQ1yAsJmIvRdGWvSoKV52XKyuyYA437QWDttXT8eZXDSbuMpHlLzPDZUPd6idIz+Q==
+  version "0.4.4"
+  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.4.tgz#a9f1c6f1f9f0fa80cdb3484ed9635054d28936aa"
+  integrity sha512-WZzeDOEtTOBK4Mdsar0IqEU5sMr3vSV2RqkAIzUEV2BHnUfKGyswWFPFwK5EeDo93K3FohSHbLAjj0s1Wzd+dg==
 
 jquery@^3.5.0:
   version "3.6.0"