Description
This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-HEROKUENV-1050432
Related Vulnerabilities
CVE-2021-23518 Vulnerability in npm package cached-path-relative
CVE-2022-31129 Vulnerability in maven package org.webjars.bowergithub.moment:moment
CVE-2019-12395 Vulnerability in maven package us.dynmap:dynmap
CVE-2019-11819 Vulnerability in maven package org.opencms:org.opencms.workplace.tools.accounts
CVE-2023-31717 Vulnerability in npm package @frangoteam/fuxa