5.3
CVSS V3
Status
Fixed version
8.2.1-r0Status
Impact
Several lerna v8.2.0 dependencies (including @lerna/legacy-package-management) rely on @octokit/core version 19.0.11, which itself relies on @octokit/request version 6.2.8 as a direct dependency. The fix versions of this dependency are several major versions higher (8.4.1 or v9.2.1) and will require upstream maintainers to implement
Status