Vulnerabilities in commenthol software

Cross-site scripting in serialize-to-js NPM package13 Jan, 2020
Low Patched

Protection Mechanism Failure in safer-eval package for Node.js06 Jan, 2020
Medium Not Patched