2 matches found
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
Threat actors flooded the npm open source package repository for Node.js with bogus packages that briefly even resulted in a denial-of-service DoS attack. "The threat actors create malicious websites and publish empty packages with links to those malicious websites, taking advantage of open-sourc...
Metatag - Moderately critical - Information disclosure - SA-CONTRIB-2019-058
This module enables you to customize meta tags to help with a site's search engine ranking and improve the display of page summaries when shared on social networks. The module doesn't sufficiently check for a site being in maintenance mode. This vulnerability is mitigated by the fact that the sit...