[Snyk] Security upgrade @teselagen/ove from 0.7.21-beta.2 to 0.7.21

[bijupki]

Snyk has created this PR to fix 2 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• example-demos/oveViteDemo/package.json
• example-demos/oveViteDemo/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-LODASH-15053838	631
	Prototype Pollution SNYK-JS-LODASHES-15053836	631

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

[segrem25830-pki]

Checkmarx One – Scan Summary & Details – 16fb43fd-185b-4b89-a859-9e1b1f56dbe5

New Issues (4)

Checkmarx found the following issues in this Pull Request

#	Severity	Issue	Source File / Package	Checkmarx Insight
1		CVE-2023-45133	Npm-@babel/traverse-7.22.8	details Recommended version: 7.23.2 Description: Babel is a compiler for writing JavaScript. In `@babel/traverse` versions prior to 7.23.2 and 8.0.x prior to 8.0.0-alpha.4, using Babel to compile ... Attack Vector: LOCAL Attack Complexity: LOW Vulnerable Package
2		CVE-2026-23950	Npm-tar-6.2.1	details Recommended version: 7.5.3 Description: node-tar,a Tar for Node.js, has a race condition vulnerability in versions through 7.5.3. This is due to an incomplete handling of Unicode path col... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
3		CVE-2023-44270	Npm-postcss-8.4.27	details Recommended version: 8.4.31 Description: An issue was discovered in postcss versions prior to 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An at... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
4		CVE-2025-9910	Npm-jsondiffpatch-0.4.1	details Recommended version: 0.7.2 Description: jsondiffpatch versions prior to 0.7.2 are vulnerable to Cross-site Scripting (XSS) via "HtmlFormatter::nodeBegin". An attacker can inject malicious... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package

Fixed Issues (3)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CVE-2026-21884	Npm-react-router-5.3.4
	Client_Dangerous_File_Inclusion	/packages/bio-parsers/umd_demo.html: 3
	Client_Dangerous_File_Inclusion	/packages/ove/public/UMDDemo.html: 13

---

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR