A potentially “catastrophic” security vulnerability in Netmask, an NPM package used by more than 279,000 open source projects, has been patched after lying undiscovered for nine years.
The improper input validation flaw could allow remote, unauthenticated attackers to achieve server-side request forgery (SSRF) in downstream applications.