exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2023-23918

Status Candidate

Overview

A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.

Related Files

Debian Security Advisory 5589-1
Posted Dec 28, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5589-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559, CVE-2023-38552, CVE-2023-39333
SHA-256 | 99cc458c7d37e5ed3bbb9cd1ecafd2849b5c2bd6325b06e8297be7edef82db88
Red Hat Security Advisory 2023-2654-01
Posted May 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2654-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, crlf injection, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2022-25881, CVE-2022-4904, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807
SHA-256 | 4e7a13c72b1bbe26649f90f2ee5c748667dc190692c7389ff21e92530336c9f3
Red Hat Security Advisory 2023-2655-01
Posted May 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2655-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, crlf injection, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-4904, CVE-2023-23918, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807
SHA-256 | 812f3378f3e6c1833158a97cad774a26513a32be88e668163955d219a846d53f
Red Hat Security Advisory 2023-1744-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2022-25881, CVE-2022-38900, CVE-2022-4904, CVE-2023-23918, CVE-2023-23920
SHA-256 | b516e9f562da009ac786a0543e0d7eebc70acfd4e3c5df43a3267c02f234c887
Red Hat Security Advisory 2023-1743-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1743-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2022-25881, CVE-2022-3517, CVE-2022-38900, CVE-2022-4904, CVE-2023-23918, CVE-2023-23920
SHA-256 | 48bd4394b42ef169e2f3ba2b84e34d023eb13eadddd77b237b4659256714e6b3
Red Hat Security Advisory 2023-1533-01
Posted Apr 3, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1533-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-44906, CVE-2022-24999, CVE-2022-25881, CVE-2022-3517, CVE-2022-35256, CVE-2022-38900, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23920
SHA-256 | 1d997c727b547d00a2b7b276e0830053a199463662b5eb3fddb9e968cdd8798e
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close