0.2.0
11 years ago
10 years ago
Known vulnerabilities in the heroku-env package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
heroku-env is a package that parse the DATABASE_URL from your heroku config and split it out into the PG* environment variables used by psql pg_dump pg_restore and node_postgres Affected versions of this package are vulnerable to Command Injection. The injection point is located in How to fix Command Injection? There is no fixed version for | * |