Description
This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function.
Remediation
References
https://security.netapp.com/advisory/ntap-20220901-0012/
https://security.snyk.io/vuln/SNYK-JS-NPMHELP-1050983
Related Vulnerabilities
CVE-2018-19837 Vulnerability in maven package org.webjars.npm:node-sass
CVE-2018-14721 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2020-7663 Vulnerability in maven package org.webjars.npm:websocket-extensions
CVE-2022-25908 Vulnerability in npm package create-choo-electron