There has been a question and even a whole markdown page for this, however the question "in which version this vulnerability has been fixed" is not clearly answered. Due to this all current versions are flagged as vulnerable... Snyk mentions version 20160422.1 or higher are safe...

We recommend upgrading to release 88 or later available via
downloads which does not break API compatibility with the previous release.

What is release r88 mentioned in the post or better asked: which version is r88?
Current releases have a date and not a number e.g. 20240325.1

Update: Found this commit with a reference to 88. So this CVE is long gone?