Critical Bug Reported in NPM Package With Millions of Downloads Weekly

A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent.  The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects
https://thehackernews.com/2021/09/critical-bug-reported-in-npm-package.html?utm_source=dlvr.it&utm_medium=blogger