Low vulnerability Issue with yargs > yargs-parser
Closed this issue · 1 comments
erwanriou commented
Could we update yargs so we get off this vulnerability? It already have a fix and need you guys to update your yargs version in package.json
Patched in >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2
Dependency of gravatar
gravatar > yargs > yargs-parser
skotashki commented
Please update your yargs dependency version guys. I have a production app using gravatar and could not sleep when there is vulnerability somewhere. Thanks in advance