Download
| Alert*
npm: CVE-2021-27290
Blackduck security scanner finds node module "ssri" in version 6.0.1 is prone to CVE-2021-27290. apk info --who-owns /usr/lib/node_modules/npm/node_modules/ssri/package.json: /usr/lib/node_modules/npm/node_modules/ssri/package.json is owned by npm-14.16.0-r0. So we like to request updating the ssri module in the npm alpine package at least to 8.0.1.
|