Open Rafo1994 opened 2 years ago
Hi,
version 1.1.1 depends on shell-quote package version 1.6.1 which has critical vulnerability (command injection, more here https://github.com/advisories/GHSA-g4rg-993r-mgx7). That issue was fixed with shell-quote version 1.7.3.
Thanks :)
Hi,
version 1.1.1 depends on shell-quote package version 1.6.1 which has critical vulnerability (command injection, more here https://github.com/advisories/GHSA-g4rg-993r-mgx7). That issue was fixed with shell-quote version 1.7.3.
Thanks :)