This package helps ensure the security of your Node.js installation by checking for known vulnerabilities. It compares the version of Node.js you have installed (process.version) to the Node.js Security Database and alerts you if a vulnerability is found. Usage: npx is-my-node-vulnerable It's strongly recommended to include this as a step in the app CI. Output - When vulnerable: $ node -v v20.3.0 $ npx is-my-node-vulnerable āāāāā āāāāā āāā āā āāāāāā āāāāāāā āāāāāā āā āā āā āā āāāā āā āā āā āā āā āā āā āāāāāāā āā āā āā āā āāā āāāāā āāāāāā āā āā āā āā āā āā āā āā āā āā āā āā āāāāāā āā āā āā āāāā āāāāāā āāāāāāā āā āā The current Node.js version (v20.3.0) is vulnerable to the following CVEs: CVE-2023-30581: The use of proto in process.mainModule.proto.require() can bypass the policy mechanism and require modules outside of the policy.json definition Patched versions: ^16.20.1 || ^18.16.1 || ^20.3.1 Output - When non-vulnerable: $ node -v v20.11.1 $ npx is-my-node-vulnerable āāāāā āā āā āāāā
A Capture The Flag (CTF) platform for testing computer security skills
A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.
A collection of resources for securing AWS environments using the CIS Amazon Web Services Foundations Benchmark 1.1
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
Simple script to check a domain's email protections and identify vulnerabilities.
A list of vulnerable applications for testing and learning
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.