Status
Fixed version
1.7.2-r0Status
Impact
Fixing this vulnerability requires upgrading lexical-core to v1.0.0. However, another dependency: arrow-json, will not function with lexical-core v1.0.0. arrow-json is preparing a 53.1.0 release, which upgrades it's dependency to a newer version of lexical-core. However, this has not been released yet. Pending fix from upstream.
Status