Announce: v2.1 published on `latest` fixing CVE-2022-24999
tunnckoCore opened this issue · comments
v2.1 is published with updated dependencies, fixing the CVE-2022-24999 of qs@6.9.3
.
Now dependencies are with ^
, and not pinned which was the problem, thus won't have such future issues.
From mail reports.