VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Proto6: six protobuf.js vulnerabilities enable RCE and DoS in Node.js

Proto6: шесть уязвимостей в protobuf.js приводят к RCE и DoS в Node.js

Colleagues, please note: six Proto6 vulnerabilities in protobuf.js have been discovered, enabling remote code execution and denial of service.

— Reported by Cyera: issues stem from trusting schemas; primary risks are RCE via prototype pollution and data leaks/DoS.
— Many Node.js services, Google Cloud SDK, messaging frameworks and CI/CD are affected. Vulnerable versions: protobuf.js

Latest comments

No comments yet.