Ducky97

Name of the Vulnerable Software and Affected Versions: parse-git-config version 3.0.0 Description: The issue allows an attacker to obtain sensitive information via the `expandKeys` function. Recommendations: For parse-git-config version 3.0.0, consider disabling the `expandKeys` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** canvg version 4.0.2 **Description** An issue in the Constructor of the class `StyleElement` allows an attacker to execute arbitrary code. **Recommendations** For canvg version 4.0.2, at the moment, there is no information about a newer version that contains a fix for this issue.