The Backend Engineering Show with Hussein Nasser

NodeJS July 2021 Security Releases

Jul 9, 2021

11:14

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

In today's show I go through the NodeJS Security Releases for the month of July 2021, lots of interesting vulnerabilities to discuss.

0:00 Intro

1:00 CVE-2021-22918 - libuv DNS Out of bounds Crash

3:40 CVE-2021-22921 - Node Windows installer Local Privilege Escalation

7:30 CVE-2021-27290 - ssri Regular Expression Denial of Service (ReDoS)

Resources

https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/

https://hackerone.com/reports/1211160

https://snyk.io/vuln/SNYK-JS-SSRI-1085630

Home Top podcasts Popular guests