npm Update
1744Warning Date
Severity Level
Warning Number
Target Sector
20 April, 2021
● Medium
2021-2793
All
Description:
npm has released a security update to address a vulnerability in the following product:
- jose
- 1.9.2 - 3.11.3
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Padding Oracle Attack
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory and apply the necessary updates: