Lucene search
K

4 matches found

AlmaLinux
AlmaLinux
added 2023/10/09 12:0 a.m.88 views

Important: nodejs security and bug fix update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs: Permissions policies can impersonate other modules in using...

9.8CVSS7AI score0.01484EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2023/09/26 12:0 a.m.25 views

RHEL 9 : nodejs:18 (RHSA-2023:5363)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5363 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.3AI score0.02761EPSS
Exploits2References12
Mageia
Mageia
added 2023/03/01 9:14 p.m.66 views

Updated nodejs packages fix security vulnerability

The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule High CVE-2023-23920: Node.js insecure loading of ICU data through ICUDATA environment variable Low More detailed information on each of the vulnerabilities can be foun...

7.5CVSS6.6AI score0.02023EPSS
Exploits0References4
NVD
NVD
added 2020/06/18 6:15 p.m.17 views

CVE-2020-13882

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and contro...

4.2CVSS0.00256EPSS
Exploits0References4
Rows per page
Query Builder