Prototype Pollution Leads to Remote Code Execution in Node.js

Prototype pollution is a dangerous vulnerability affecting prototype-based
languages like JavaScript and the Node.js platform. It refers to the ability of
an attacker to inject properties into an object’s root prototype at runtime and
subsequently trigger… Read more

Read full article

Similar

How to patch the Node.js binary to write perfdata to a path other than /tmp

How to patch the NodeJS binary to write perfdata to a path other than /tmp...

Node.js Voice Assistant Toolbox – create your own Alexa app in under 100 lines

A JavaScript voice control library based on Mozilla DeepSpeech - jaxcore/deepspeech-plugin... (more…)

Node.js MySQL Transaction: a step-by-step tutorial with a real-life example

Follow this step-by-step guide to understand MySQL transactions with Node.js code. (more…)

Build and Deploy a Ticket Booking Platform with Node.js and Coinbase Commerce

The idea of being able to send and receive money almost instantly from anywhere in the world with no middleman is really appealing to a lot of people. Today, I thought it'd be fun to build a small web event ticketing portal Demo (something similar t... (more…)

Mark Nottingham asks Node.js and Go to remove HTTP 418 support from their stacks

Node implements the 418 I'm a Teapot status code in a few places. Its source is RFC2324, Hyper Text Coffee Pot Control Protocol (HTCPCP/1.0). Note the title - HTCPCP/1.0 is not HTTP/1.x. HTCPCP was... (more…)

Latest News

Risk of ‘industrial capture’ looms over AI revolution

Interview with Stephen Wolfram on Prompt Engineering and AI Constitutions

Generative AI set to affect 300M jobs in the US and Europe