Open philosowaffle opened 6 years ago
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Op...
package-lock.json update suggested: url-parse ~> 1.4.3
This is Dev dependency pulled in by VS Code.
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Op...
package-lock.json update suggested: url-parse ~> 1.4.3