Information security
fromThe Hacker News
7 hours agoCERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution
A lack of sanitization in binary-parser versions before 2.3.0 can allow attacker-controlled input to be compiled into runtime code, enabling arbitrary JavaScript execution.