[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

npm: CVE-2021-27290

ID: oval:org.secpod.oval:def:1801973Date: (C)2021-08-02   (M)2024-01-23
Class: PATCHFamily: unix




Blackduck security scanner finds node module "ssri" in version 6.0.1 is prone to CVE-2021-27290. apk info --who-owns /usr/lib/node_modules/npm/node_modules/ssri/package.json: /usr/lib/node_modules/npm/node_modules/ssri/package.json is owned by npm-14.16.0-r0. So we like to request updating the ssri module in the npm alpine package at least to 8.0.1.

Platform:
Alpine Linux 3.13
Product:
nodejs
Reference:
12592
CVE-2021-27290
CVE    1
CVE-2021-27290

© SecPod Technologies