Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Notícia de segurança recolhida automaticamente.

Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks.

"In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger

Fonte original: Ler artigo completo aqui