腾讯网

JavaScript 库 React 高危漏洞(CVE-2025-11953)威胁数百万开发者

软件供应链公司 JFrog Ltd. 的安全研究人员今日披露了 Meta Platforms Inc. 开发的开源 JavaScript 库 React 中存在一个高危漏洞的细节,可能导致数百万开发者面临远程代码执行风险。 漏洞影响范围广泛 JFrog 安全研究团队在每周下载量超过 200 万次的 @react-native-community/cli ...
CSOonline

Flaw in React Native CLI opens dev servers to attacks

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0. A critical remote-code execution (RCE) flaw ...
adtmag.com

Easier React Native (Android) Debugging

For this Android on Windows hobbyist, React Native remains an alluring but elusive shiny new toy to play with. That's simply because creator Facebook has an iOS-first approach: As React Native on iOS ...
SiliconANGLE

JFrog discloses CVSS 9.8 React vulnerability putting millions of developers at risk

Security researchers at software supply chain company JFrog Ltd. today revealed details of a critical vulnerability in React, the open-source JavaScript library developed by Meta Platforms Inc., that ...