GitHub security team has identified several high-severity vulnerabilities in npm packages, « tar » and « @npmcli/arborist, » used by npm CLI. The tar package receives 20 million weekly downloads on average, whereas arborist gets downloaded over 300,000 times every week. […]
