@types/kerberos
Releases6
Frequency11 months 3 weeks
Last Release
TypeScript definitions for kerberos
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 1.0.0 | 7.8 HIGH | 6.9 MEDIUM | ||
The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. | ||||