Lucene search
K

nodejs: mainModule.proto bypass experimental policy mechanism

🗓️ 31 Jul 2023 09:36:57Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 6 Views

A Node.js vulnerability allows bypassing the policy mechanism via process.mainModule.proto.require to load modules outside policy file on Unix.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Node.js
27 Sep 202321:08
ibm
IBM Security Bulletins
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to several vulnerabilities in Node.js due to [CVE-2023-30581] [CVE-2023-30588] [CVE-2023-30589] [CVE-2023-30590]
7 Sep 202315:11
ibm
IBM Security Bulletins
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to permissions bypass, privilege escalation, key generation failure, denial of service and request smuggling due to vulnerabilities in Node.js
18 Aug 202308:18
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities in IBM SDK for Node.js and packaged modules affect IBM Business Automation Workflow Configuration Editor
26 Sep 202308:26
ibm
IBM Security Bulletins
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Node.js
29 Apr 202502:31
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.12 and earlier
8 Aug 202322:22
ibm
IBM Security Bulletins
Security Bulletin: IBM Spectrum Symphony with Node.js various security issues
29 Apr 202522:48
ibm
IBM Security Bulletins
Security Bulletin: Vulnerabilities in Node.js affects IBM Voice Gateway
31 Jan 202413:56
ibm
IBM Security Bulletins
Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Node.js
1 Aug 202309:43
ibm
Tenable Nessus
Amazon Linux 2023 : nodejs, nodejs-devel, nodejs-full-i18n (ALAS2023-2023-237)
20 Jul 202300:00
nessus
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux9aarch64nodejs1:16.20.1-1.el9_2nodejs-1:16.20.1-1.el9_2.aarch64.rpm
Red Hat Enterprise Linux9ppc64lenodejs1:16.20.1-1.el9_2nodejs-1:16.20.1-1.el9_2.ppc64le.rpm
Red Hat Enterprise Linux9s390xnodejs1:16.20.1-1.el9_2nodejs-1:16.20.1-1.el9_2.s390x.rpm
Red Hat Enterprise Linux9x86_64nodejs1:16.20.1-1.el9_2nodejs-1:16.20.1-1.el9_2.x86_64.rpm
Red Hat Enterprise Linux9aarch64nodejs-debuginfo1:16.20.1-1.el9_2nodejs-debuginfo-1:16.20.1-1.el9_2.aarch64.rpm
Red Hat Enterprise Linux9i686nodejs-debuginfo1:16.20.1-1.el9_2nodejs-debuginfo-1:16.20.1-1.el9_2.i686.rpm
Red Hat Enterprise Linux9ppc64lenodejs-debuginfo1:16.20.1-1.el9_2nodejs-debuginfo-1:16.20.1-1.el9_2.ppc64le.rpm
Red Hat Enterprise Linux9s390xnodejs-debuginfo1:16.20.1-1.el9_2nodejs-debuginfo-1:16.20.1-1.el9_2.s390x.rpm
Red Hat Enterprise Linux9x86_64nodejs-debuginfo1:16.20.1-1.el9_2nodejs-debuginfo-1:16.20.1-1.el9_2.x86_64.rpm
Red Hat Enterprise Linux9aarch64nodejs-debugsource1:16.20.1-1.el9_2nodejs-debugsource-1:16.20.1-1.el9_2.aarch64.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Nov 2025 18:42Current
7.1High risk
Vulners AI Score7.1
CVSS 3.17.5
EPSS0.0105
SSVC
6