bwateratmsft
commented
2 years ago The pinning to exactly 2.6.0 of async is preventing us in the Azure Account extension for VSCode from fixing this.
Closed AntonTimiskov closed 1 year ago
bwateratmsft
commented
2 years ago The pinning to exactly 2.6.0 of async is preventing us in the Azure Account extension for VSCode from fixing this.
lirenhe
commented
2 years ago @qiaozha, could you help to take a look?
async <2.6.4 Severity: high Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
How to fix: update the dependency to the latest version.