Vulnerabilities reported in `@codecov/webpack-plugin #273
Description
Our vulnerability scanner is reporting several vulnerabilties in packages installed via @codecov/webpack-plugin:
CVE-2025-25285: @octokit/endpoint:9.0.6
CVE-2025-25289: @octokit/request-error:5.1.1
CVE-2026-22036: undici:5.29.0
I'm not sure if there are packages that you can upgrade to mitigate this or whether your dependencies need to release upgrades first.