5.3
CVSS V3
Status
Fixed version
8.2.1-r0Status
Impact
Several lerna v8.2.0 dependencies (including @lerna/legacy-package-management) rely on @octokit/core@19.0.11, which itself relies on @octokit/request-error version 3.0.3 as a direct dependency. The fix versions of this dependency are several major versions higher (v5.1.1 or v6.1.7) and will require upstream maintainers to implement.
Status