4 matches found
RLSA-2023:5362 Important: nodejs:18 security, bug fix, and enhancement update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18. BZ2234409 Security Fixes: nodejs: Permissions policies can be bypassed via...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
AZL-27926 CVE-2023-32006 affecting package nodejs18 for versions less than 18.17.1-2
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...