download
download copied to clipboard
Open vunerability with the decompress package and decompress-tar
Hey,
I've received notification from Synk about an open vulnerability with the decompress-tar package that the decompress package uses and in turn download:
https://app.snyk.io/vuln/SNYK-JS-DECOMPRESSTAR-559095
This has been raised here:
https://github.com/kevva/decompress-tar/issues/17
I thought I would also raise it within this package for tracking purposes as we rely on this package which in turn uses the packages with the vunerability.