Advisories for Npm/Heroku-Addonpool package

heroku-addonpool is vulnerable to Command Injection.