NPM package with 3 million weekly downloads had a severe vulnerability
Getty Images reader comments 50 with 36 posters participating Share this story Popular NPM package “pac-resolver” has fixed a severe remote code execution (RCE) flaw. The pac-resolver package receives over 3 million weekly downloads, extending this vulnerability to Node.js applications relying on the open source dependency. Pac-resolver touts itself as a module that accepts JavaScript… Read More »