Releases6
Frequency11 months 3 weeks
Last Release
TypeScript definitions for kerberos

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 1.0.07.8 HIGH6.9 MEDIUM

The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search.