Open aszx87410 opened 2 years ago
值得找時間好好研究,之前 cdnjs 也是相關的洞
5 RCEs in npm for $15,000 https://robertchen.cc/blog/2021/09/20/npm-rce
https://portswigger.net/daily-swig/node-js-archives-serious-tar-handling-vulnerabilities-with-software-update
aszx87410
commented
2 years ago
值得找時間好好研究,之前 cdnjs 也是相關的洞
5 RCEs in npm for $15,000 https://robertchen.cc/blog/2021/09/20/npm-rce