Information on source package npm

Available versions

ReleaseVersion
buster5.8.0+ds6-4+deb10u2
bullseye7.5.2+ds-2
bookworm8.3.1~ds-1
sid8.3.1~ds-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2021-43616vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an i ...
CVE-2021-39135vulnerable (no DSA)vulnerable (no DSA)fixedfixed`@npmcli/arborist`, the library that calculates dependency trees and m ...
CVE-2021-39134vulnerable (no DSA)vulnerable (no DSA)fixedfixed`@npmcli/arborist`, the library that calculates dependency trees and m ...

Resolved issues

BugDescription
CVE-2020-15095Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ...
CVE-2019-16777Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary ...
CVE-2019-16776Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary ...
CVE-2019-16775Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary ...
CVE-2018-7408An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked ...
CVE-2016-3956The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js ...
CVE-2013-4116lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local us ...

Search for package or bug name: Reporting problems