npm Update
2000Warning Date
Severity Level
Warning Number
Target Sector
18 June, 2020
● High
2020-1366
All
Description:
npm released security update to address a vulnerability in the following product:
- @sap-cloud-sdk/core
- 1.19.0
- 1.20.0
- 1.20.1
- 1.21.0
- 1.21.1
Threats:
verifyJwt() function does not properly validate the URL.
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory and apply the necessary updates: