CVE-2021-39135 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
The 'nodejs-lts-erbium' and 'nodejs-lts-fermium' core dependency 'npmcli/arborist' before version 2.8.2 is vulnerable to arbitrary file creation/overwrite and arbitrary code execution vulnerabilities.
Group Package Affected Fixed Severity Status Ticket
AVG-2461 nodejs-lts-fermium 14.17.4-1 High Not affected
AVG-2339 nodejs-lts-erbium 12.22.4-2 High Not affected
References
https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases2/
https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2