Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-39331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the...

7.7CVSS6.9AI score0.01325EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-43062

Malicious code in bioql PyPI...

7.7CVSS7.1AI score0.01325EPSS
Exploits0References2
OSV
OSV
added 2024/12/16 1:56 p.m.19 views

BIT-NODE-MIN-2023-39331

A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...

7.7CVSS8.1AI score0.01325EPSS
Exploits0References4
Chainguard
Chainguard
added 2024/09/07 4:15 p.m.190 views

CVE-2023-30584 vulnerabilities

Vulnerabilities for packages: nodejs...

7.7CVSS7.6AI score0.00379EPSS
Exploits0
Wolfi
Wolfi
added 2024/09/07 4:15 p.m.277 views

CVE-2023-30584 vulnerabilities

Vulnerabilities for packages: nodejs...

7.7CVSS7.9AI score0.00379EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/09/07 4:15 p.m.22 views

CVE-2023-30584

A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions. Please note that at the time this CVE was issued, the permission model is an...

7.7CVSS6.9AI score0.00379EPSS
Exploits0References2
CVE
CVE
added 2024/09/07 4:0 p.m.510 views

CVE-2023-30584

CVE-2023-30584 affects Node.js 20 with the experimental permission model. It describes a path traversal bypass in how file permissions are verified due to improper handling within the experimental permission model. The vulnerability is described as local with high confidentiality and integrity im...

7.7CVSS8.5AI score0.00379EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/09/07 4:0 p.m.66 views

CVE-2023-30584

A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions. Please note that at the time this CVE was issued, the permission model is an...

7.7CVSS7.3AI score0.00379EPSS
Exploits0
OSV
OSV
added 2024/03/06 10:59 a.m.49 views

BIT-NODE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS8.4AI score0.01819EPSS
Exploits0References5
Hacker One
Hacker One
added 2023/11/17 5:45 p.m.61 views

Internet Bug Bounty: Path traversal through path stored in Uint8Array in Node.js 20

A path traversal vulnerability was discovered in Node.js 20 through paths stored in Uint8Array objects. The vulnerability allowed bypassing path sanitization protections and reading arbitrary files outside of a restricted directory. The issue was addressed by properly sanitizing Uint8Array paths ...

9.8CVSS8.5AI score0.01819EPSS
Exploits0
OSV
OSV
added 2023/10/26 6:23 a.m.47 views

BIT-2023-39331

A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations.Please...

7.7CVSS8.8AI score0.01325EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/10/26 6:23 a.m.49 views

BIT-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS7.2AI score0.01819EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2023/10/25 1:58 p.m.52 views

Internet Bug Bounty: Permission model improperly protects against path traversal in Node.js 20

A path traversal vulnerability was introduced in Node.js 20 due to insufficient patching of CVE-2023-30584. The vulnerability arises because the permission model implementation does not protect itself against the application overwriting built-in utility functions like path.resolve with user-defin...

7.7CVSS8.5AI score0.01325EPSS
Exploits0
Circl
Circl
added 2023/10/18 7:33 a.m.0 views

CVE-2023-30584

creationtimestamp| type| source ---|---|--- 2023-10-18 07:33:24+00:00| seen| https://t.me/cibsecurity/72477 2023-10-18 07:33:25+00:00| seen| https://t.me/cibsecurity/72478 2024-09-07 19:20:37+00:00| seen| https://t.me/cvedetector/5033 2024-11-14 12:00:00+00:00| seen|...

7.7CVSS7.6AI score0.00379EPSS
Exploits0References4
Prion
Prion
added 2023/10/18 4:15 a.m.20 views

Path traversal

A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...

3.6CVSS8.3AI score0.01325EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/10/18 3:55 a.m.770 views

CVE-2023-39331

The CVE-2023-39331 entry concerns Node.js 20 with the experimental permission model. The vulnerability stems from insufficient protection against path traversal when the application overwrites built-in utility functions with user-defined implementations, following a previously disclosed issue (CV...

7.7CVSS8.3AI score0.01325EPSS
Exploits0References3Affected Software1
Hacker One
Hacker One
added 2023/10/10 3:18 p.m.106 views

Node.js: Path traversal through path stored in Uint8Array

A vulnerability was discovered in Node.js that allowed path traversal through Uint8Array objects. This vulnerability affected users using the experimental permission model in Node.js 20...

9.8CVSS8.5AI score0.01819EPSS
Exploits0
Hacker One
Hacker One
added 2023/08/01 10:30 p.m.49 views

Node.js: Permission model improperly protects against path traversal

Vulnerability description not provided...

7.5CVSS8.5AI score0.01325EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/22 2:38 a.m.6 views

SUSE CVE-2023-30584

A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions. Please note that at the time this CVE was issued, the permission model is an...

7.7CVSS8.2AI score0.00379EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/06/21 12:0 a.m.26 views

Node.js 16.x < 16.20.1, 18.x < 18.16.1, 20.x < 20.3.1 Multiple Vulnerabilities - Windows

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

7.7CVSS7.6AI score0.73461EPSS
Exploits1References1
Rows per page
Query Builder