Lucene search

K
f5F5F5:K000133616
HistoryApr 22, 2023 - 12:00 a.m.

K000133616 : Node.js vulnerability CVE-2023-23919

2023-04-2200:00:00
my.f5.com
15
node.js
openssl
cryptographic
vulnerability
denial of service

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

33.6%

Security Advisory Description

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service. (CVE-2023-23919)

Impact

There is no impact; F5 products are not affected by this vulnerability.