kerberos@0.0.4

Vulnerabilities

1 via 1 paths

Dependencies

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

critical severity

DLL Injection

  • Vulnerable module: kerberos
  • Introduced through: kerberos@0.0.4

Detailed paths

  • Introduced through: kerberos@0.0.4
    Remediation: Upgrade to kerberos@1.0.0.

Overview

Affected versions of this package are vulnerable to DLL Injection. An attacker can execute arbitrary code by creating a file with the same name in a folder that precedes the intended file in the DLL path search.

Remediation

Upgrade kerberos to version 1.0.0 or higher.

References