Security vulnerability

Question

Security vulnerability

zucatti opened this issue 3 years ago · 3 comments

The module relies on node-fetch < 2.6.7 which is known as vulnerable. Please upgrade to the latest version of node-fetch
node-fetch <2.6.7
Severity: high
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor - GHSA-r683-j2x4-v87g

Answer 1 · 2022-03-14T09:14:59.000Z

Thanks @zucatti for reporting this security concern. Let us take a look at it and try to resolve this asap.

Answer 2 · 2022-04-08T18:12:12.000Z

Fix has been merged

Answer 3 · 2022-04-14T07:18:13.000Z

released with v4.7.2