This NPM package with millions of weekly downloads has fixed a remote code execution flaw

6 September 2021

A very popular NPM package called ‘pac-resolver’ for the JavaScript programming language has been fixed to address a remote code execution flaw that could affect a lot of Node.js applications. The flaw in the pac-resolver dependency was found by developer Tim Perry who notes it could have allowed an attacker on a local network to remotely run malicious code inside a Node.js process whenever an operator tried to send an HTTP request.

Read full article on ZDNet

Date:

6 September 2021

Categorie(s):

NEWS

Tag(s):

IT, News

Say goodbye to standard security for smartphones (you need this instead)29 April 2024
The EU has decided to open up iPadOS29 April 2024
Your Must-Know AI and Cloud-Native AppSec Insights at RSAC 202429 April 2024
Belarus security agency allegedly subjected to hacktivist attack29 April 2024
Old Microsoft Office bug leveraged to compromise Ukraine29 April 2024