Security concern: CWE-400 via d3-color #378
Description
Hi!
We`re currently using 'react-simple-map' in our project, and noticed that it indirectly depends on 'd3-color'.
This version of 'd3-color' is affected by a vulnerability classified as CWE-400: Uncontrolled Resource Consumption. The issue has been reported in our audit tools
The issue is fixed in [email protected], but react-simple-maps depends on packages (like d3-interpolate) that still pull in the vulnerable version.