npm Update
1745Warning Date
Severity Level
Warning Number
Target Sector
4 July, 2021
● Medium
2021-3139
All
Description:
npm has released a security update to address a vulnerability in the following product:
- stellar-sdk
- 0.1.9 0.1.10 0.2.0 0.2.1 0.2.2 0.2.3 0.2.5 0.2.6 0.2.7 0.2.8 0.2.9 0.2.10 0.2.11 0.2.12 0.2.13 0.2.14 0.2.15 0.2.16 0.2.17 0.2.18 0.2.19 0.2.20 0.2.21 0.2.22 0.2.23 0.3.0 0.3.1 0.3.2 0.3.3 0.3.4 0.3.5 0.4.0 0.4.1 0.4.2 0.4.3 0.5.0 0.5.1 0.6.0 0.6.1 0.6.2 0.7.0 0.7.1 0.7.2 0.7.3 0.7.4 0.7.5 0.7.6 0.7.7 0.8.0 0.8.1 0.8.2 0.9.0 0.9.1 0.9.2 0.10.0 0.10.1 0.10.2 0.10.3 0.11.0 0.12.0 0.13.0 0.14.0 0.15.0 0.15.1 0.15.3 0.15.4 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 2.0.0 2.0.1 2.1.0 2.1.1 2.2.0 2.2.1 2.2.2 2.2.3 2.3.0 3.0.0 3.0.1 3.1.0 3.1.1 3.1.2 3.2.0 3.3.0 4.0.0 4.0.1 4.0.2 4.1.0 5.0.0 5.0.1 5.0.2 5.0.3 5.0.4 6.0.0 6.1.0 6.2.0 7.0.0 8.0.0 8.1.0 8.1.1 8.2.0 8.2.1 8.2.2
Threats:
The vulnerability causes improper authentications.
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory and apply the necessary update: