Prototype Pollution in mv@2.1.1 and License issue in exeunt@1.1.0
hetzbr opened this issue · 1 comments
hetzbr commented
There is a prototype pollution vulnerability in the latest version of Bunyan 2.0.2 introduced by bunyan@2.0.2 > mv@2.1.1 > mkdirp@0.5.1 > minimist@0.0.8
https://snyk.io/vuln/SNYK-JS-MINIMIST-559764
In addition, there is a license issue introduced by bunyan@2.0.2 > exeunt@1.1.0
a-n-d-r-3-w commented
(The prototype pollution vulnerability also exists in bunyan v1, captured in #643)