cross-spawn before 7.0.5 is vulnerable (CVE-2024-21538) · Issue #50 · expo/spawn-async · GitHub

cross-spawn before 7.0.5 is vulnerable (CVE-2024-21538) #50

Open

philschonholzer

opened

on Nov 14, 2024

Versions of cross-span before 7.0.5 are vulnerable. See: https://www.cve.org/CVERecord?id=CVE-2024-21538

Can you update the dependency?

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests