Open debabrata-shome opened 4 days ago
Hi @debabrata-shome, we're working on our upcoming release for Heroku CLI v10 that will drop support for Node 16 and will allow us to upgrade some blocked dependencies and get rid of all of these vulnerabilities.
We'll let you know when our next major version release is out and close this report.
Best!
This project is for the Heroku CLI only and issues are reviewed as we are able. If you need more immediate assistance or help with anything not specific to the CLI itself, please use https://help.heroku.com.
Do you want to request a feature or report a bug?
I am trying to report a High-severity (P0) security bug that is present in Heroku CLI due to dependent libraries
Version Details : heroku/9.2.1 linux-x64 node-v16.20.2
What is the current behavior?
If the current behavior is a bug, please provide the steps to reproduce.
More details on CVEs
What is the expected behavior?
Please update the third party library to remediate the vulnerabilities from
Heroku CLI