High
CVE-2022-25921
Node.js morgan-json module could allow a remote attacker to execute arbitrary code on the system, caused by missing sanitization of input passed to the Function constructor. An attacker could exploit this vulnerability to execute arbitrary code on the system.
Node.js
Node.js morgan-json
Refer to NPM Website for patch, upgrade or suggested workaround information.