According to github there's a vulnerability in our version: 
