CVE-2024-47764 (GHSA-pxg6-pf52-xh8x) - versions < 0.7.0 of cookie have a low severity vulnerability

[createdbysk]

Per CVE-2024-47764 (GHSA-pxg6-pf52-xh8x), versions < 0.7.0 of cookie have a low severity vulnerability.

webpack-dev-server's depends on cookie 0.6.0 via express 4.21.0. express 4.21.1 addresses this issue.

Upgrade webpack-dev-server's dependency on express to express 4.21.1.

• This is a bug
• This is a modification request

Code

// webpack.config.js

// additional code, remove if not needed.

Please paste the results of npx webpack-cli info here, and mention other relevant information

Expected Behavior

Actual Behavior

For Bugs; How can we reproduce the behavior?

For Features; What is the motivation and/or use-case for the feature?

[alexander-akait]

We use ^ - https://github.com/webpack/webpack-dev-server/blob/master/package.json#L62, so you can update your deps locally, no need to make a new release, thank you