dns-sync@0.1.0 vulnerabilities

dns-sync

Known vulnerabilities in the dns-sync package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Remote Code Execution (RCE) dns-sync is a dns-sync. Affected versions of this package are vulnerable to Remote Code Execution (RCE). This issue could lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. How to fix Remote Code Execution (RCE)? Upgrade `dns-sync` to version 0.2.0 or higher.	<0.2.0
M Regular Expression Denial of Service (ReDoS) `dns-sync` is a dns resolver implemented in node.js Affected versions of this package are uvlnerable to Regular Expression Denial of Service (ReDoS) attacks. How to fix Regular Expression Denial of Service (ReDoS)? There is no fix version for `dns-sync`.	*
M Arbitrary Command Injection The dns-sync library for node.js allows resolving hostnames in a synchronous fashion. All versions of dns-sync prior to the release 0.1.3 were vulnerable to arbitrary command execution via maliciously formed hostnames. How to fix Arbitrary Command Injection? Upgrade dns-sync to version 0.1.1 or greater.	<0.1.3