all InfoSec news
Vulnerability Spotlight: Node-SQLite3 issue could lead to denial of service in Ghost CMS
Malware Analysis, News and Indicators - Latest topics malware.news
Dave McDaniel of Cisco Talos discovered this vulnerability.
Cisco Talos recently discovered a vulnerability in node-sqlite3 that affects the Ghost content management system and could affect other software utilizing this library.
Ghost is a content management system with tools to build a website, publish content and send newsletters.
The node-sqlite3 library provides asynchronous, non-blocking SQLite3 bindings for Node.js. Ghost maintains the node-sqlite3 library and uses it in its CMS platform.
Talos identified a remote code execution vulnerability if an attacker …
asynchronous blocking build cisco cisco talos cms dave denial of service ghost issue library management newsletters node node.js non platform send service software spotlight sqlite3 system talos tools vulnerability vulnerability spotlight website