7 matches found
Node.js: Permissions policies can be bypassed via process.mainModule
A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...
The vulnerability of the `process.mainModule.require()` function in the Node.js software platform allows attackers to gain increased privileges.
The vulnerability of the process.mainModule.require function in the Node.js software platform is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
A privilege escalation vulnerability exists in Node.js <19.6.1 <18.14.1 <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.
...
DEBIAN-CVE-2023-23918
A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...
AZL-13776 CVE-2023-23918 affecting package nodejs for versions less than 16.19.1-1
A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...
ALPINE-CVE-2023-23918
A privilege escalation vulnerability exists in Node.js 19.6.1, 18.14.1, 16.19.1 and 14.21.3 that made it possible to bypass the experimental Permissions https://nodejs.org/api/permissions.html feature in Node.js and access non authorized modules by using process.mainModule.require. This only...
PT-2023-2003 · Node.Js +7 · Node.Js +7
Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 19.6.1 Node.js versions prior to 18.14.1 Node.js versions prior to 16.19.1 Node.js versions prior to 14.21.3 Description: A privilege escalation issue exists, related to errors in authorization. This issue can be...