You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This package makes use of [email protected] in its dependency tree. The request package has not been maintained and also contains security vulnerabilities as desbribed here: GHSA-p8p7-x288-28g6. Since there is no minor/patch version with a fix, I cannot update the package-lock file for this dependency.
Can you comment on the feasibility of this attack vector (or) how can I proceed next?