Open
Description
Current version of commit-info package has a dependency of execa
1.x, which has a critical security vulnerability (CVSS score 9.8) as reported via Gitlab Security Advisories.
Advisory: https://advisories.gitlab.com/pkg/npm/execa/GMS-2020-2/
Recommendation is to upgrade to execa
version 2.0.0 or higher.
Metadata
Metadata
Assignees
Labels
No labels