The Node.js Secure Coding Blog

Secure Coding Practices in Node.js Against Path Traversal Vulnerabilities
Path traversal vulnerabilities were discovered in webpack and backstage npm packages. Learn secure coding practices to prevent path traversal attacks in Node.js applications.
May 23, 2024 ~ 3 min read
nodejs
secure coding
path traversal
vulnerabilities
Secure JavaScript Coding Practices Against Command Injection Vulnerabilities
Secure JavaScript coding practices are essential to prevent command injection vulnerabilities in Node.js applications. Learn how to avoid common pitfalls and protect your code from exploitation.
May 17, 2024 ~ 3 min read
secure coding
JavaScript
command injection
vulnerabilities
To IDOR or Not to IDOR: Insecure Direct Object Reference in JavaScript Applications Explained
Can you spot an Insecure Direct Object Reference (IDOR) vulnerability in your JavaScript application? Learn what IDOR is, how it can be exploited, and how to prevent it in your code.
May 8, 2024 ~ 5 min read
idor
security
npm vulnerabilities: reviewing the security of your dependencies
Learn about recent npm vulnerabilities in popular npm packages and how to protect your applications from security reports disclosed in 2024.
May 2, 2024 ~ 3 min read
npm
security
vulnerabilities
Disclosing code injection vulnerabilities in safe-eval-2 npm package
A project fork is not without risks, and this time it's the safe-eval-2 npm package that is vulnerable to code injection attacks.
Apr 26, 2024 ~ 3 min read
nodejs
security
vulnerability
safe-eval
Introducing Node.js Security Permissions Model, Threat Model, and Security Releases
Learn how to secure your Node.js applications with the new Permissions Model, stay informed about security releases, and understand the Node.js Security Threat.
Apr 25, 2024 ~ 4 min read
nodejs
security
runtime

Newer posts

Older posts