๐ Npm Patches Vulnerability Allowing Access to User Files
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: feedproxy.google.com
JavaScript package manager npm last week addressed a vulnerability that could allow a publisher to access files on a userโs system.
The issue impacts versions of npm prior to 6.13.3 and versions of yarn prior to 1.21.1, and it could be exploited through a specially crafted entry in the package.json bin field. npm v6.13.4 addresses the vulnerability.
...