Visit Website

This package helps ensure the security of your Node.js installation by checking for known vulnerabilities. It compares the version of Node.js you have installed (process.version) to the Node.js Security Database and alerts you if a vulnerability is found. Usage: npx is-my-node-vulnerable It's strongly recommended to include this as a step in the app CI. Output - When vulnerable: $ node -v v20.3.0 $ npx is-my-node-vulnerable █████ █████ ███ ██ ██████ ███████ ██████ ██ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██ ██ ███████ ██ ██ ██ ██ ███ █████ ██████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ ██ ██ ██ ████ ██████ ███████ ██ ██ The current Node.js version (v20.3.0) is vulnerable to the following CVEs: CVE-2023-30581: The use of proto in process.mainModule.proto.require() can bypass the policy mechanism and require modules outside of the policy.json definition Patched versions: ^16.20.1 || ^18.16.1 || ^20.3.1 Output - When non-vulnerable: $ node -v v20.11.1 $ npx is-my-node-vulnerable █████ ██ ██ ████

FEATURES

ALTERNATIVES

A tool for detecting and exploiting vulnerabilities in web applications

CSET is a free software tool for identifying vulnerabilities in enterprise and industrial control cyber systems.

tfsec is being replaced by Trivy, a more comprehensive open-source security solution

Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.

A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.

Web-application vulnerability scanner with extensive coverage of security testing modules.

A collection of real-world scenarios to evaluate command injection detection and exploitation abilities

Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved