kevinohara80/dmc

Package dependencies security: upgrade Handlebars to 4.0.0

Closed this issue · 1 comments

zachelrath commented

There is an open CVE that affects dmc because of its dependency on Handlebars 2.0.0. The recommended fix is to upgrade to 4.x

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8861

zachelrath commented

Resolved by #45