From 25e683552ba20544af74c8dada121ea9d5de99c2 Mon Sep 17 00:00:00 2001
From: "opensearch-trigger-bot[bot]"
 <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Date: Fri, 17 Jun 2022 10:31:58 -0700
Subject: [PATCH] [CVE] Resolve `jpeg-js` to 0.4.4 (#1753) (#1757)

Addresses Denial of Service (DoS) issue where a particular piece of input
will cause to enter an infinite loop and never return.

CVE: https://vuln.whitesourcesoftware.com/vulnerability/CVE-2022-25851

Issue Resolved:
https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1725

Signed-off-by: Kawika Avilla <kavilla414@gmail.com>
(cherry picked from commit 2a159e88e0d0d912c68994804450478fe31d5a12)

Co-authored-by: Kawika Avilla <kavilla414@gmail.com>
---
 yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index c0bd12420ec6..e6d96c107877 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -11486,9 +11486,9 @@ joi@^17.3.0:
     "@sideway/pinpoint" "^2.0.0"
 
 jpeg-js@^0.4.0:
-  version "0.4.3"
-  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.3.tgz#6158e09f1983ad773813704be80680550eff977b"
-  integrity sha512-ru1HWKek8octvUHFHvE5ZzQ1yAsJmIvRdGWvSoKV52XKyuyYA437QWDttXT8eZXDSbuMpHlLzPDZUPd6idIz+Q==
+  version "0.4.4"
+  resolved "https://registry.yarnpkg.com/jpeg-js/-/jpeg-js-0.4.4.tgz#a9f1c6f1f9f0fa80cdb3484ed9635054d28936aa"
+  integrity sha512-WZzeDOEtTOBK4Mdsar0IqEU5sMr3vSV2RqkAIzUEV2BHnUfKGyswWFPFwK5EeDo93K3FohSHbLAjj0s1Wzd+dg==
 
 jquery@^3.5.0:
   version "3.6.0"