Node.js

Node.js to Issue CVE for End-of-Life Versions

• Technology
• Vulnerability

Node.js to Issue CVE for End-of-Life Versions

do son January 9, 2025

In a significant move to bolster security and encourage users to stay up-to-date, the Node.js Project has...

Read More Read more about Node.js to Issue CVE for End-of-Life Versions

CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack

• Vulnerability

CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack

do son December 23, 2024

A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package,...

Read More Read more about CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack

Wish Stealer: New Malware Targets Discord, Browsers, and Cryptocurrency Wallets

• Malware

Wish Stealer: New Malware Targets Discord, Browsers, and Cryptocurrency Wallets

do son November 11, 2024

CYFIRMA recently identified “Wish Stealer,” a new Node.js-based malware that targets Windows users by stealing sensitive information...

Read More Read more about Wish Stealer: New Malware Targets Discord, Browsers, and Cryptocurrency Wallets

CVE-2024-36138: High-Severity Vulnerability in Node.js Allows Code Execution on Windows

• Vulnerability

CVE-2024-36138: High-Severity Vulnerability in Node.js Allows Code Execution on Windows

do son July 8, 2024

The Node.js Project has released a security update to address multiple vulnerabilities, including a high-severity flaw that...

Read More Read more about CVE-2024-36138: High-Severity Vulnerability in Node.js Allows Code Execution on Windows

CVE-2024-21512: MySQL2 Vulnerability Puts Millions of Downloads at Risk

• Vulnerability

CVE-2024-21512: MySQL2 Vulnerability Puts Millions of Downloads at Risk

do son June 3, 2024

MySQL2, a popular MySQL client library for Node.js with over 2 million monthly downloads, has been found...

Read More Read more about CVE-2024-21512: MySQL2 Vulnerability Puts Millions of Downloads at Risk

CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks

• Vulnerability

CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks

do son June 3, 2024

A significant security vulnerability has been uncovered in the widely-used node-ip npm package, which is designed to...

Read More Read more about CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks

Node.js Security Update Addresses Server Crash, Request Smuggling Vulnerabilities

• Vulnerability

Node.js Security Update Addresses Server Crash, Request Smuggling Vulnerabilities

do son April 3, 2024

The Node.js project has released a critical security update addressing vulnerabilities in active release lines (v18.x, v20.x,...

Read More Read more about Node.js Security Update Addresses Server Crash, Request Smuggling Vulnerabilities

Major Node.js Security Flaws: Millions of Apps Could Be Vulnerable

• Vulnerability

Major Node.js Security Flaws: Millions of Apps Could Be Vulnerable

do son February 15, 2024

Node.js, the popular JavaScript runtime environment used by millions of developers worldwide, has recently issued security updates...

Read More Read more about Major Node.js Security Flaws: Millions of Apps Could Be Vulnerable

Node.js is vulnerable to HTTP/2 rapid reset zero-day vulnerability CVE-2023-44487

• Vulnerability

Node.js is vulnerable to HTTP/2 rapid reset zero-day vulnerability CVE-2023-44487

do son October 15, 2023

Node.js is a popular JavaScript runtime environment that is used to build scalable and performant web applications...

Read More Read more about Node.js is vulnerable to HTTP/2 rapid reset zero-day vulnerability CVE-2023-44487

Multiple Critical Security Vulnerabilities Found in Node.js

• Vulnerability

Multiple Critical Security Vulnerabilities Found in Node.js

do son August 10, 2023

Node.js is a popular JavaScript runtime environment that is used to build a wide variety of applications,...

Read More Read more about Multiple Critical Security Vulnerabilities Found in Node.js