Description
This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-HEROKUENV-1050432
Related Vulnerabilities
CVE-2018-20094 Vulnerability in maven package com.xuxueli:xxl-conf
CVE-2021-33587 Vulnerability in npm package css-what
CVE-2019-18799 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2021-46440 Vulnerability in npm package strapi
CVE-2022-31069 Vulnerability in npm package @ffdc/nestjs-proxy