Collection about Node.js CVE and PoC
收集的一些关于 Node.js 的 CVE 和 PoC
- CVE-2018-3728
- name: hoek
- Prototype pollution attack
- CVE-2018-3737
- name: sshpk
- sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS