You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @econner! Thanks for brining this to our attention. I've opened a PR to update this dependency. This change should be included in the next release on 3/23/22.
Issue Summary
Version 3.75.1 of this library (the latest) is potentially vulnerable to CVE-2022-0691 due to dependency on url-parse 1.5.6.
See https://nvd.nist.gov/vuln/detail/cve-2019-10744
The issue can be fixed by upgrading to 1.5.9.
Thanks.
Technical details:
The text was updated successfully, but these errors were encountered: