npm Alert
1727Warning Date
Severity Level
Warning Number
Target Sector
11 January, 2022
● High
2022-4192
All
npm has released security alert to address a vulnerability in the following product:
- Colors
- >= 1.4.1, <= 1.4.2
- = 1.4.44-liberty-2
Attacker could exploit this vulnerability by doing the following:
- Denial of service attack (DoS)
The CERT team encourages users to review npm security advisory and downgrade to version 1.4.0: