7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
35.5%
16.19.1-alt1 built March 22, 2023 Andrey Cherepanov in task #316988
March 13, 2023 Vitaly Lipatov
- new version 16.19.1 (with rpmrb script)
- CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
- CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
- CVE-2023-23920: Node.js insecure loading of ICU data through ICU\_DATA environment variable (Low)
- CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
- CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
- set openssl >= 1.1.1s
- set npm >= 8.19.3
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ALT Linux | 10 | src | node | < 16.19.1-alt1 | node-16.19.1-alt1.src.rpm |
ALT Linux | 10 | noarch | node-doc | < 16.19.1-alt1 | node-doc-16.19.1-alt1.noarch.rpm |
ALT Linux | 10 | x86_64 | node | < 16.19.1-alt1 | node-16.19.1-alt1.x86_64.rpm |
ALT Linux | 10 | x86_64 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.x86_64.rpm |
ALT Linux | 10 | x86_64 | node-devel | < 16.19.1-alt1 | node-devel-16.19.1-alt1.x86_64.rpm |
ALT Linux | 10 | i586 | node | < 16.19.1-alt1 | node-16.19.1-alt1.i586.rpm |
ALT Linux | 10 | i586 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.i586.rpm |
ALT Linux | 10 | i586 | node-devel | < 16.19.1-alt1 | node-devel-16.19.1-alt1.i586.rpm |
ALT Linux | 10 | aarch64 | node | < 16.19.1-alt1 | node-16.19.1-alt1.aarch64.rpm |
ALT Linux | 10 | aarch64 | node-debuginfo | < 16.19.1-alt1 | node-debuginfo-16.19.1-alt1.aarch64.rpm |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
35.5%