VYPR

npm package

log4js

pkg:npm/log4js

Vulnerabilities (1)

  • CVE-2022-21704Jan 19, 2022
    affected < 6.4.0fixed 6.4.0

    log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive information. This would affect any u