Advisories for Npm/Node-Fetch package

Denial of Service in GitHub repository node-fetch/node-fetch prior to 3.2.10.

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

node-fetch did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't …