CVE-2022-46175

[akshay196]

Describe the issue you're facing

Dashboard affected by a security vulnerability in json5 - CVE-2022-46175

How to fix it?
This can be mitigated by updating json5 package to version 1.0.2, 2.2.2, and later.

Dependent of json5:

$ yarn why json5
yarn why v1.22.17
[1/4] Why do we have the module "json5"...?
[2/4] Initialising dependency graph...
[3/4] Finding dependency...
[4/4] Calculating file sizes...
=> Found "[email protected]"
info Has been hoisted to "json5"
info Reasons this module exists
   - Hoisted from "@babel#core#json5"
   - Hoisted from "react-scripts#@pmmmwh#react-refresh-webpack-plugin#loader-utils#json5"
   - Hoisted from "react-scripts#@svgr#webpack#loader-utils#json5"
   - Hoisted from "react-scripts#file-loader#loader-utils#json5"
   - Hoisted from "react-scripts#resolve-url-loader#loader-utils#json5"
   - Hoisted from "react-scripts#resolve-url-loader#adjust-sourcemap-loader#loader-utils#json5"
   - Hoisted from "react-scripts#workbox-webpack-plugin#workbox-build#@surma#rollup-plugin-off-main-thread#json5"
info Disk size without dependencies: "304KB"
info Disk size with unique dependencies: "408KB"
info Disk size with transitive dependencies: "408KB"
info Number of shared dependencies: 1
=> Found "loader-utils#[email protected]"
info This module exists because "loader-utils" depends on it.
info Disk size without dependencies: "124KB"
info Disk size with unique dependencies: "228KB"
info Disk size with transitive dependencies: "228KB"
info Number of shared dependencies: 1
=> Found "tsconfig-paths#[email protected]"
info This module exists because "react-scripts#eslint-config-react-app#eslint-plugin-import#tsconfig-paths" depends on it.
info Disk size without dependencies: "124KB"
info Disk size with unique dependencies: "228KB"
info Disk size with transitive dependencies: "228KB"
info Number of shared dependencies: 1
Done in 1.36s.