Vulnerability found - CVE-2021-43138

foreversd / forever-monitor

The core monitoring functionality of forever without the CLI

MIT License

1.16k stars 181 forks source link

Vulnerability found - CVE-2021-43138 #204

Open TheBrockEllis opened 2 years ago

TheBrockEllis commented 2 years ago

The async package has a disclosed vulnerability in versions < 2.6.4 with mapValues(). It looks like forever-monitor is currently using a 1.X build of async.