IDOR Vulnerability: What is it and how to prevent it?
Interestingly enough, the IDOR vulnerability type is found as a CVE more commonly in some languages rather than others. Why is that and how can you prevent it?
Articles tagged for: nodejs
Why is it considered a bad practice to write raw SQL commands?
Are we going to settle the debate between raw SQL queries and ORMs once and for all? Let's explore the pros and cons of each approach and find the right balance between control and convenience.
Secure Coding Practices in Node.js Against Path Traversal Vulnerabilities
Path traversal vulnerabilities were discovered in webpack and backstage npm packages. Learn secure coding practices to prevent path traversal attacks in Node.js applications.
Disclosing code injection vulnerabilities in safe-eval-2 npm package
A project fork is not without risks, and this time it's the safe-eval-2 npm package that is vulnerable to code injection attacks.
Introducing Node.js Security Permissions Model, Threat Model, and Security Releases
Learn how to secure your Node.js applications with the new Permissions Model, stay informed about security releases, and understand the Node.js Security Threat.
Common Node.js Security Issues and How to Mitigate Them
Learn about common Node.js security issues and how to mitigate them. This blog post covers Denial-of-Service (DoS) attacks, DNS rebinding attacks, unintended package publication, information exposure via timing attacks, and command injection vulnerabilities.