heroku-env@0.1.0 vulnerabilities
heroku-env ===============
-
latest version
0.2.0
-
first published
11 years ago
-
latest version published
11 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the heroku-env package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
heroku-env is a package that parse the DATABASE_URL from your heroku config and split it out into the PG* environment variables used by psql pg_dump pg_restore and node_postgres Affected versions of this package are vulnerable to Command Injection. The injection point is located in How to fix Command Injection? There is no fixed version for |
*
|