VYPR

npm package

kerberos

pkg:npm/kerberos

Vulnerabilities (1)

  • CVE-2020-13110May 16, 2020
    affected < 1.0.0fixed 1.0.0

    The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search.