The NodeSource Blog

Node.js Security Release Summary - February 2019

In Node.js on Feb 28 2019

Security updates have shipped for all active Node.js release lines, including several DoS vulnerabilities. Find out how the updates impact you.

Node.js Security Release Summary - November 2018

In Node.js on Nov 28 2018

Security updates have shipped for all active Node.js release lines, including two high-impact DoS vulnerabilities. Find out how the updates impact you.

Triaging Known Vulnerabilities in Your Dependency Tree with NCM Desktop

In How To on Oct 10 2018

Learn to use NCM Desktop to triage vulnerabilities in your dependency tree, regardless of if they're top-level or deeply nested.

Node.js and the "HashWick" vulnerability

In Node.js on Aug 24 2018

This week, the HashWick vulnerability affecting all versions of V8 was publicly disclosed. Read on to see how the vulnerability affects Node.js.

Node.js Security Release Summary - August 2018

In Node.js on Aug 16 2018

Updates shipped for all active Node.js release lines, several low-severity vulnerabilities. Find out how the update impacts you.

A High Level Post Mortem of the eslint-scope Security Incident

In Community on Jul 12 2018

A post mortem of the incident surrounding eslint-scope, in which additional code was published with the module to

Node.js Security Release Summary - June 2018

In Node.js on Jun 13 2018

Yesterday updates shipped for all active Node.js release lines, patching five Denial of Service vulnerabilities. Find out how the update impacts you.

Node.js Security Release Summary - March 2018

In Node.js on Mar 28 2018

Today updates shipped for all active Node.js release lines, patching several vulnerabilities with ranging severity. Find out how the update impacts you.