Paul

+1. Kubernetes secrets are misnamed. They are not secret; they are available to anything in the cluster and they are stored in Base64. Support for HashiCorp Vault would be much...

It appears that 5.1.2 and 6.0.1 took very different paths to resolve the vulnerability, and there is much discussion in the [6.0.1 pull request](https://github.com/gulpjs/glob-parent/pull/49) which seems to imply the approach...

I have sent the following note on the NIST page requesting they fix the issue: I believe https://nvd.nist.gov/vuln/detail/CVE-2021-35065 was incorrectly updated recently. It now indicates that all versions < 6.0.1...