Open ctf0 opened 1 week ago
latest version of Phpactor uses Twig 3. Although these security issues aren't really security issues with Phpactor right?
its a dependency security issue, yes its not related to phpactor it self but its a high risk & it might affect the user without knowing,
also highly recommend to check https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7
i ran osv scanner and i found some security vulnerabilities with the the ext deps