BIT-NODE-2023-39331

🗓️ 06 Mar 2024 10:59:16Reported by GoogleType

osv🔗 osv.dev👁 24 Views

Previously disclosed vulnerability patched insufficiently in commit 205f1e6, leading to new path traversal vulnerability due to unprotected utility functions from user-defined implementations

Reporter	Title	Published	Views	Family All 78
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.14 and earlier	19 Jan 202418:01	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to remote security bypass due to Node.js package	10 Mar 202515:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM SDK for Node.js and packaged modules affect IBM Business Automation Workflow Configuration Editor	17 Jan 202407:19	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities	6 Dec 202316:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Local - Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components	7 May 202419:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node.js	11 Dec 202309:42	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0247: nodejs:20 (ALINUX3-SA-2024:0247)	14 May 202500:00	–	nessus
Tenable Nessus	Fedora 38 : nodejs20 (2023-4d2fd884ea)	26 Oct 202300:00	–	nessus
Tenable Nessus	Fedora 39 : nodejs20 (2023-7b52921cae)	7 Nov 202300:00	–	nessus
Tenable Nessus	Fedora 37 : nodejs20 (2023-f66fc0f62a)	26 Oct 202300:00	–	nessus

Source	Link
hackerone	www.hackerone.com/reports/2092852
security	www.security.netapp.com/advisory/ntap-20231116-0009/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-39331
security	www.security.netapp.com/advisory/ntap-20241108-0002/

06 Nov 2025 13:25Current

8.1High risk

Vulners AI Score8.1

CVSS 3.17.5

CVSS 37.7

EPSS0.01325

SSVC