Improper Certificate Validation
Certificate validation in node-sass is disabled when requesting binaries, even when the user has not specified an alternative download path.
Affected versions of node-sass are vulnerable to Denial of Service (DoS). Crafted objects passed to the renderSync function may trigger C++ assertions in CustomImporterBridge::get_importer_entry and CustomImporterBridge::post_process_return_value that crash the Node process. This may allow attackers to crash the system's running Node process and lead to Denial of Service.

Recommendation
Upgrade to version 4.13.1 or later.
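To act on the upgrade recommendation for the Denial of Service issue, the following added example (not code from node-sass or from this advisory) scans a parsed package-lock.json for node-sass copies older than 4.13.1, including copies nested under other dependencies. The function names and the sample lockfile are constructed for illustration; the only value taken from the advisory is the fixed version.

```javascript
'use strict';

const FIXED = [4, 13, 1]; // fixed version from the recommendation above

// Parse "4.13.0" or "4.13.1-rc.1" into numeric parts plus a prerelease flag.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(v);
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

function isAffected(version) {
  const p = parseVersion(version);
  if (!p) return true; // git URL or tag instead of a version: flag for manual review
  for (let i = 0; i < 3; i++) {
    if (p.nums[i] !== FIXED[i]) return p.nums[i] < FIXED[i];
  }
  return p.pre; // a prerelease of 4.13.1 sorts before 4.13.1
}

// lockfileVersion 2/3 lists every install path under "packages";
// lockfileVersion 1 nests transitive copies under "dependencies".
function findAffectedNodeSass(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [path, info] of Object.entries(lock.packages)) {
      if (/(^|\/)node_modules\/node-sass$/.test(path) && isAffected(info.version || '')) {
        hits.push({ where: path, version: info.version });
      }
    }
    return hits;
  }
  (function walk(deps, trail) {
    for (const [name, info] of Object.entries(deps || {})) {
      if (name === 'node-sass' && isAffected(info.version || '')) {
        hits.push({ where: trail.concat(name).join(' > '), version: info.version });
      }
      walk(info.dependencies, trail.concat(name));
    }
  })(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfile (not from a real project).
const SAMPLE_LOCK = { lockfileVersion: 2, packages: {
  '': { name: 'app' },
  'node_modules/node-sass': { version: '4.12.0' },
  'node_modules/gulp-sass/node_modules/node-sass': { version: '4.13.1' } } };
console.log(findAffectedNodeSass(SAMPLE_LOCK));
```

In a project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` instead of the sample object.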