mirror of
https://github.com/github/codeql.git
synced 2025-12-17 17:23:36 +01:00
5 lines
187 B
Markdown
5 lines
187 B
Markdown
lgtm,codescanning
|
|
* The `cwd` option from the `read-pkg` library is recognized as a sink for `js/tainted-path`.
|
|
Affected packages are
|
|
[read-pkg](https://npmjs.com/package/read-pkg)
|