Security issue

[lirantal]

Hi,

I'm a member of the Node.js Security WG and we received a report regarding a security issue with this module. We tried inviting the author by e-mail but received no response so I'm opening this issue and inviting anyone with commit and npm publish rights to collaborate with us on a fix.

[roest01]

Hello @lirantal,
you can contact me because of this issue via [anonymized]

May i can fix and provide an PR

[lirantal]

Yes @roest01, please check your inbox for the invite

[queval-j]

Any news about this issue?

[roest01]

PR is made. Issue is fixed there ...

[roest01]

Maybe someone or some could do a code review of #39 to help @mooz merging this ?

[svrnwnsch]

As long as there is no new version how can I sanitize input for the current 2.0.0 version?