Arbitrary Code Execution vulnerability in underline dependency
arusa opened this issue · comments
Alexander Rusa commented
Hi,
the "src" lib has a dependency to "underscore" in version "~1.6.0" which has an Arbitrary Code Execution vulnerability according to: