Rewterz Threat Advisory – Node.js loadyaml module security bypass

October 5, 2020

Severity

High

Analysis summary

Node.js loadyaml module could allow a remote attacker to bypass security restrictions, caused by containing malicious code as a preinstall script. By persuading a victim to install a specially-crafted application, an attacker could exploit this vulnerability to writes a public comment, including IP and IP-based geolocation, home directory name, and local username on GitHub.

Impact

Security bypass

Affected Vendors

NodeJs

Affected Products

Node.js loadyaml

Remediation

Refer to vendor advisory for the complete list of affected products and respective patches.

https://www.npmjs.com/advisories/1563

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

SideWinder APT Group aka Rattlesnake – Active IOCs

Microsoft Bookings Vulnerability Allowed Attackers to Modify Meeting Details

ClickFix Scheme Used by Russian Hackers to Deploy Espionage Malware – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – IPStorm Introduces a Malware Variant for Linux

Rewterz Threat Advisory – CVE-2020-25641 – Linux Kernel biovec usage denial of service

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.