13 matches found
BIT-NODE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
A vulnerability was found in NodeJS. This security issue occurs as the use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module...
RHEL 9 : nodejs:18 (RHSA-2023:5363)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5363 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
The vulnerability of the module module.constructor.createRequire() in the Node.js software platform allows a hacker to circumvent established security restrictions.
The vulnerability of the module module.constructor.createRequire in the Node.js software platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to circumvent established security restrictions remotely...
CVE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
DEBIAN-CVE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
CVE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
UBUNTU-CVE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
CVE-2023-32006
The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...
Node.js: Policy-restricted modules can escalate to higher privileges by impersonating other modules in a policy list using module.constructor.createRequire()
A vulnerability was discovered in Node.js that allowed policy-restricted modules to gain higher privileges by impersonating other modules in a policy list using module.constructor.createRequire. This vulnerability affected all users using the experimental policy mechanism in Node.js versions 16.x...