Published
Last updated
code-server
Status
Justification
Impact
The finding is part of a VS Code extension definition, not an actual runtime dependency of code-server. The vulnerable package is not installed or used by the application.