The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
GHSA-97m3-w2cp-4xx6 Alternatives
Similar projects and alternatives to GHSA-97m3-w2cp-4xx6
-
ArchiveBox
🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
node-ipc
A nodejs module for local and remote Inter Process Communication (IPC), Neural Networking, and able to facilitate machine learning. (by RIAEvangelist)
-
peacenotwar
Discontinued Attempts to determine if the computer its running on has an IP originating from Russia or Belarus. If it is then depending on the version of the malware either attempts to delete all files on the computer, or creates a text file on the computers desktop protesting the war in ukraine.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
SecurityAdvisories
:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
GHSA-97m3-w2cp-4xx6 reviews and mentions
-
Selecting the Right Dependencies: A Comprehensive Practical Guide
How safe is it to use? It may sound like fiction, but yes, dependencies can be dangerous. For example, an interesting feature was added to a library with 500k downloads: it tries to replace all files on the computer with ❤️ if your IP address falls within a specific range.
- Embedded Malicious Code in node-ipc
- Open Source Maintainer Sabotages Code to Wipe Russian, Belarusian Computers
-
With the recent scandal over the 'node-ipc' package, is Composer also vulnerable like this? Is there any security measure in the Composer to prevent this type of attack?
Source: CVE-2022-23812
- CVE-2022-23812 - mbedded Malicious Code in node-ipc - The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files on Russian systems
- My entire PC got wiped Do not download
- NPM supply chain attack - Wipes your disk if you have a Russian/Byelorussian IP
-
Ukraine Invasion Megathread #3
I have not audited the malicious code myself, so you might be right, I'm going by the CVE reports that say it does this to arbitrary files.
-
A note from our sponsor - WorkOS
workos.com | 29 Apr 2024
Stats
Sponsored