nodemailer Command Injection vulnerability
pmaterniak opened this issue · comments
This package has a dependency towards nodemailer@6.4.12 which has an upstream vulnerability towards nodemailer: https://www.npmjs.com/advisories/1708
The vulnerability has been fixed upstream by nodemailer@6.4.16 so it could be desired to release a new version of this package bumping that dependency.
nodemailer was upgraded to 6.9.8 in https://github.com/notifme/notifme-sdk/releases/tag/v1.12.0