GHSA-vfpf-xmwh-8m65: ProsemirrorToHtml has a Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values

GHSA-f83h-ghpp-7wcc: Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc

akbr update 1.0.0 is vulnerable to Prototype Pollution via update/index.js.

**@akbr/update Prototype Pollution**

Moderate severity GitHub Reviewed Published Jun 17, 2024 to the GitHub Advisory Database • Updated Jun 17, 2024