Remote Code Execution bug found in Popular Node.js changelog library (I go through the code)

The Backend Engineering Show with Hussein Nasser

Episode | Podcast

Date: Tue, 21 Jul 2020 20:58:07 GMT

<p>Github security team has found a remote execution code in Node.JS library changelog. In this video I describe the bug and go through the code &nbsp;Resources https://portswigger.net/daily-swig/github-security-team-finds-remote-code-execution-bug-in-popular-node-js-changelog-library https://github.com/conventional-changelog/standard-version/pull/351/files https://github.com/advisories/GHSA-7xcx-6wjh-7xp2</p>