Would it be possible please to update the version of webpack-dev-server to at least 5.2.4 in Angular v21 to fix the Medium vulnerability CVE-2026-6402 ? (already fixed in Angular v22)
Thank you.
ng version
_ _ ____ _ ___
/ \ _ __ __ _ _ _| | __ _ _ __ / ___| | |_ _|
/ △ \ | '_ \ / _` | | | | |/ _` | '__| | | | | | |
/ ___ \| | | | (_| | |_| | | (_| | | | |___| |___ | |
/_/ \_\_| |_|\__, |\__,_|_|\__,_|_| \____|_____|___|
|___/
Angular CLI : 21.2.15
Angular : 21.2.17
Node.js : 24.16.0
Package Manager : yarn 1.22.21+sha1.1959a18351b811cdeedbd484a8f86c3cc3bbaf72
Operating System : win32 x64
┌────────────────────────────┬───────────────────┬───────────────────┐
│ Package │ Installed Version │ Requested Version │
├────────────────────────────┼───────────────────┼───────────────────┤
│ @angular-devkit/core │ 21.2.15 │ ^21.2.7 │
│ @angular-devkit/schematics │ 21.2.15 │ ^21.2.14 │
│ @angular/build │ 21.2.15 │ ^21.2.14 │
│ @angular/cdk │ 21.2.14 │ ^21.2.14 │
│ @angular/cli │ 21.2.15 │ ^21.2.14 │
│ @angular/common │ 21.2.17 │ ^21.2.16 │
│ @angular/compiler │ 21.2.17 │ ^21.2.16 │
│ @angular/compiler-cli │ 21.2.17 │ ^21.2.16 │
│ @angular/core │ 21.2.17 │ ^21.2.16 │
│ @angular/forms │ 21.2.17 │ ^21.2.16 │
│ @angular/platform-browser │ 21.2.17 │ ^21.2.16 │
│ @angular/router │ 21.2.17 │ ^21.2.16 │
│ ng-packagr │ 21.2.5 │ ^21.2.5 │
│ rxjs │ 7.8.2 │ ~7.8.2 │
│ typescript │ 5.9.3 │ ~5.9.3 │
│ vitest │ 4.1.9 │ ^4.1.8 │
└────────────────────────────┴───────────────────┴───────────────────┘
Command
other
Is this a regression?
The previous version in which this bug was not present was
No response
Description
Would it be possible please to update the version of webpack-dev-server to at least 5.2.4 in Angular v21 to fix the Medium vulnerability CVE-2026-6402 ? (already fixed in Angular v22)
Thank you.
Minimal Reproduction
Exception or Error
Your Environment
Anything else relevant?
No response