2 posts tagged with "cve"

On the 28^th of September 2023, a critical security vulnerability affecting all versions of Zod was reported under the identifier CVE-2023-4316. Zod is known as "TypeScript-first schema validation with static type inference".

This post proposes an approach to anticipate and prevent such vulnerabilities. by leveraging fast-check and its ecosystem.

Prototype pollution is among the most frequent sources of Common Vulnerabilities and Exposures - aka CVE - in the JavaScript ecosystem. As a result, detecting them early has always been a key challenge for fast-check.

In this post, you will learn what they are and how you can find them easily using fast-check.