node-etl icon indicating copy to clipboard operation
node-etl copied to clipboard

Published 20 hours ago verified publisher icon ZJONSSON

Old version of [email protected] has a dependency to "minimist": "^0.2.0" with a prototype pollution vulnerability

Open enaukkarinen opened this issue 3 years ago • 1 comments

Could csv-parser dependency be updated to 3.0.0 to get rid of this vulnerability?

Thanks

enaukkarinen avatar Mar 15 '21 11:03 enaukkarinen

@ZJONSSON , @jbreckman - Any thoughts on this?

montumodi avatar Mar 16 '21 13:03 montumodi