Security Vulnerability in NPM CLI #4346

@kcak11

Noticing a security vulnerability [CVE-2021-3807] when scanning the "npm" package with JFrog Xray as below:

The package cli-table3 and one of its dependencies, ansi-regex, need to be bumped up in order to fix this issue.

Full Dependency Tree:

test-app@1.0.0
└─┬ npm@8.3.1
  └─┬ cli-table3@0.6.0
    └─┬ string-width@4.2.2
      └─┬ strip-ansi@6.0.0
        └── ansi-regex@5.0.0 

This vulnerability is reported with a "High Severity".

The vulnerability is fixed with ansi-regex@6.0.1

Please advise.

Thanks in advance.

(Also see: nodejs/node#41039)
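
An added example, not part of the original issue or of npm's code: a small Node.js walker that lists every dependency chain ending at a version a scanner flagged, and names the direct dependency that pulls it in. It assumes the input has the shape produced by `npm ls --all --json`; `sampleTree`, `findPaths` and `directOwners` are hypothetical names, and the sample is constructed from the tree shown above.

```javascript
// Constructed sample: the tree from the issue, in the shape `npm ls --all --json` emits.
const sampleTree = {
  name: "test-app",
  version: "1.0.0",
  dependencies: {
    npm: {
      version: "8.3.1",
      dependencies: {
        "cli-table3": {
          version: "0.6.0",
          dependencies: {
            "string-width": {
              version: "4.2.2",
              dependencies: {
                "strip-ansi": {
                  version: "6.0.0",
                  dependencies: { "ansi-regex": { version: "5.0.0" } },
                },
              },
            },
          },
        },
      },
    },
  },
};

// Hypothetical helper: return every dependency chain that ends at name@version.
function findPaths(tree, name, version) {
  const hits = [];
  const walk = (node, nodeName, trail) => {
    // Entries without a version (for example missing packages) are shown as "?".
    const here = [...trail, `${nodeName}@${node.version ?? "?"}`];
    if (nodeName === name && node.version === version) hits.push(here);
    for (const [depName, dep] of Object.entries(node.dependencies || {})) {
      walk(dep, depName, here);
    }
  };
  walk(tree, tree.name, []);
  return hits;
}

// The first hop below the root is the direct dependency whose release must change.
function directOwners(paths) {
  return [...new Set(paths.map((p) => p[1]).filter(Boolean))];
}

const paths = findPaths(sampleTree, "ansi-regex", "5.0.0");
for (const p of paths) console.log(p.join(" > "));
console.log("pulled in via:", directOwners(paths).join(", "));
```

For a real project, parse the output of `npm ls --all --json` and pass the resulting object in place of `sampleTree`.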
