Lucene search
K

37 matches found

OSV
OSV
added 2025/11/05 4:54 p.m.8 views

CLSA-2025-1762361695 nodejs: Fix of CVE-2023-39333

CVE-2023-39333: fix maliciously crafted export names injection of JavaScript code...

5.3CVSS7AI score0.00936EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-39333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that t...

5.3CVSS6.8AI score0.00936EPSS
Exploits0References3
Circl
Circl
added 2024/09/07 7:20 p.m.4 views

CVE-2023-39333

creationtimestamp| type| source ---|---|--- 2024-09-07 19:20:33+00:00| seen| https://t.me/cvedetector/5032 2024-11-14 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

5.3CVSS6.5AI score0.00936EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/09/07 4:15 p.m.36 views

CVE-2023-39333

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...

5.3CVSS6.8AI score0.00936EPSS
Exploits0References3
CVE
CVE
added 2024/09/07 4:0 p.m.205 views

CVE-2023-39333

CVE-2023-39333 : Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may access data and functions that the WebAssembly module itself cannot access, effectively behaving like a JavaScript module. Affected software: Node.js on any active...

5.3CVSS6.7AI score0.00936EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/09/07 4:0 p.m.17 views

CVE-2023-39333

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...

6.4AI score0.00936EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/09/07 4:0 p.m.28 views

CVE-2023-39333

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...

5.3CVSS6.6AI score0.00936EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/09/07 4:0 p.m.70 views

CVE-2023-39333

Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability...

5.3CVSS8.1AI score0.00936EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.16 views

Photon OS 5.0: Nodejs PHSA-2023-5.0-0132

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0132. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.3AI score0.01819EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.33 views

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-semver: Regular expression denial of service CVE-2022-25883 Note that Nessus has not tested for this issue b...

7.5CVSS6.9AI score0.02761EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 8 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs: Unitialized buffer due to incorrect encoding CVE-2017-15897 Note that Nessus has not tested for this issue...

3.1CVSS6.2AI score0.02303EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.40 views

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...

7.3AI score0.01302EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 7:21 p.m.54 views

Security Bulletin: IBM Planning Analytics Local - Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Local - Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Local - Planning Analytics Workspace 2.1.2 and IBM Planning Analytics Local -...

9.8CVSS10AI score0.89804EPSS
Exploits7Affected Software1
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.40 views

openSUSE: Security Advisory for nodejs18 (SUSE-SU-2023:4207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References4
Debian
Debian
added 2023/12/27 10:12 p.m.33 views

[SECURITY] [DSA 5589-1] nodejs security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5589-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 27, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.03906EPSS
Exploits3
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/14 10:38 a.m.36 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass due to [CVE-2023-38552], [CVE-2023-39333]

Summary The Node.js runtime is used by IBM App Connect Enterprise Certified Container in all operands. IBM App Connect Enterprise Certified Container operands are vulnerable to security restrictions bypass. This bulletin provides patch information to address the reported vulnerability in Node.js...

7.5CVSS6.9AI score0.01107EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 5:0 p.m.75 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits19References8
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.42 views

Fedora: Security Advisory (FEDORA-2023-dbe64661af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.5AI score0.99999EPSS
Exploits19References5
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.35 views

Fedora: Security Advisory (FEDORA-2023-7b52921cae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.99999EPSS
Exploits19References32
OpenVAS
OpenVAS
added 2023/10/28 12:0 a.m.40 views

Fedora: Security Advisory for nodejs20 (FEDORA-2023-f66fc0f62a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.99999EPSS
Exploits19References4
Rows per page
Query Builder