Npm team warns of new 'binary planting' bug

Discussion in 'other security issues & news' started by mood, Dec 13, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    27,671
    Npm team warns of new 'binary planting' bug
    Npm bug lets booby-trapped npm (JavaScript) packages plant or alter binaries on the victim's system
    December 13, 2019

    https://www.zdnet.com/article/npm-team-warns-of-new-binary-planting-bug/
    An in-depth technical report: binary planting and arbitrary file (over)write vulnerabilities in npm, pnpm and yarn
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.