Critical Bug Reported in NPM Package With Millions of Downloads Weekly

13 September 2021

A widely used NPM package called ‘Pac-Resolver’ for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent. The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects Pac-Resolver versions before 5.0.0.

Read full article on The Hacker News

Date:

13 September 2021

Categorie(s):

NEWS

Tag(s):

Bug, Critical, Downloads, Packages, Proxy

Misconfigured cloud server leaked clues of North Korean animation scam23 April 2024
The rising influence of AI on the 2024 US election23 April 2024
10 colleges and universities shaping the future of cybersecurity education23 April 2024
People doubt their own ability to spot AI-generated deepfakes23 April 2024
Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak23 April 2024