4 matches found
CVE-2023-39331
A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...
CVE-2023-39331
A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...
CVE-2023-39331
The CVE-2023-39331 entry concerns Node.js 20 with the experimental permission model. The vulnerability stems from insufficient protection against path traversal when the application overwrites built-in utility functions with user-defined implementations, following a previously disclosed issue (CV...
Node.js: Permission model improperly protects against path traversal
Vulnerability description not provided...