npm Update
1674Warning Date
Severity Level
Warning Number
Target Sector
30 March, 2021
● Medium
2021-2696
All
Description:
npm has released a security update to address a vulnerability in the following product:
- netmask
- 0.0.0
- 0.0.1
- 0.0.2
- 1.0.3
- 1.0.4
- 1.0.5
- 1.0.6
- 2.0.0
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Server-side request forgery (SSRF)
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory and apply the necessary updates: