Bump jpeg-js over 0.4.4 to avoid cve-2022-25851 (#1093)

melhadad · web-flow · commit dad05fae5ac7 · 2022-09-15T09:07:40.000-07:00
https://avd.aquasec.com/nvd/2022/cve-2022-25851/ is present on 0.4.2
diff --git a/packages/type-jpeg/package.json b/packages/type-jpeg/package.json
@@ -22,7 +22,7 @@
   "dependencies": {
     "@babel/runtime": "^7.7.2",
     "@jimp/utils": "link:../utils",
-    "jpeg-js": "0.4.2"
+    "jpeg-js": "^0.4.2"
   },
   "peerDependencies": {
     "@jimp/custom": ">=0.3.5"
