Vulnerabilities > Npmjs > NPM > 7.11.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-13 | CVE-2022-29244 | Information Exposure vulnerability in multiple products npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. | 7.5 |
| 2021-11-13 | CVE-2021-43616 | Insufficient Verification of Data Authenticity vulnerability in multiple products The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if dependency information in package-lock.json differs from package.json. | 9.8 |