Old version of debug
dependency introduces CVE-2017-16137
vulnerability
#2146
Labels
debug
dependency introduces CVE-2017-16137
vulnerability
#2146
node@v16.20.2, linux@6.2.0-37-generic
nodemon
:3.0.1
Issue
nodemon
usesdebug@^3.2.7
which contains theCVE-2017-16137
vulnerability.The earliest fix for this vulnerability is in
debug@4.3.1
. It would be appreciated it you could updatenodemon
'sdebug
to that or higher.The text was updated successfully, but these errors were encountered: