VYPR

npm package

@hoppscotch/cli

pkg:npm/%40hoppscotch/cli

Vulnerabilities (1)

  • CVE-2024-34347HigMay 8, 2024
    affected >= 0.5.0, < 0.8.0fixed 0.8.0

    @hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is becau