Lucene search
+L

4 matches found

OSV
OSV
added 2025/12/20 9:3 a.m.14 views

RLSA-2023:5362 Important: nodejs:18 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 18. BZ2234409 Security Fixes: nodejs: Permissions policies can be bypassed via...

8.8CVSS6.8AI score0.02761EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2023/09/26 2:59 p.m.2 views

nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()

A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...

8.8CVSS7.1AI score0.01273EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/09/26 2:56 p.m.4 views

nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()

A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...

8.8CVSS7.1AI score0.01273EPSS
Exploits0References5
OSV
OSV
added 2023/08/15 4:15 p.m.11 views

AZL-27926 CVE-2023-32006 affecting package nodejs18 for versions less than 18.17.1-2

The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...

8.8CVSS6.9AI score0.01273EPSS
Exploits0References1
Rows per page
Query Builder