Lucene search
K

9 matches found

Wolfi
Wolfi
added 2024/09/07 4:15 p.m.49 views

CVE-2023-30587 vulnerabilities

Vulnerabilities for packages: nodejs...

7.5CVSS7.8AI score0.00747EPSS
Exploits0
Chainguard
Chainguard
added 2024/09/07 4:15 p.m.42 views

CVE-2023-30587 vulnerabilities

Vulnerabilities for packages: nodejs...

7.5CVSS7.6AI score0.00747EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/09/07 4:15 p.m.31 views

CVE-2023-30587

A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module node:inspector. By exploiting the Worker class's ability to create an "internal worker" with the kIsInternal Symbol, attackers can modify the...

7.5CVSS7.1AI score0.00747EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/09/07 4:0 p.m.43 views

CVE-2023-30587

A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module node:inspector. By exploiting the Worker class's ability to create an "internal worker" with the kIsInternal Symbol, attackers can modify the...

7.5CVSS7.6AI score0.00747EPSS
Exploits0
Hacker One
Hacker One
added 2023/09/30 7:26 p.m.78 views

Internet Bug Bounty: Permissions policies can be bypassed via Module._load and require.extensions (High) (CVE-2023-30587)

A vulnerability in the experimental permissions policy mechanism in Node.js was reported. The use of Module.load could bypass the policy and require unauthorized modules. This affected all active release lines. The vulnerability was reported by a researcher and fixed by the Node.js security team...

9.8CVSS8.7AI score0.0143EPSS
Exploits0
Hacker One
Hacker One
added 2023/07/21 4:12 a.m.84 views

Internet Bug Bounty: CVE-2023-30587 Process-based permissions can be bypassed with the "inspector" module.

A vulnerability in Node.js version 20 allowed for the bypassing of restrictions set by the --experimental-permission flag using the built-in inspector module. This vulnerability affected Node.js users who were using the permission model mechanism in Node.js 20...

7.5CVSS7.4AI score0.00747EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/06/22 2:38 a.m.4 views

SUSE CVE-2023-30587

A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module node:inspector. By exploiting the Worker class's ability to create an "internal worker" with the kIsInternal Symbol, attackers can modify the...

7.5CVSS9AI score0.00747EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/06/21 12:0 a.m.26 views

Node.js 16.x < 16.20.1, 18.x < 18.16.1, 20.x < 20.3.1 Multiple Vulnerabilities - Windows

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

7.7CVSS7.6AI score0.75116EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/06/21 12:0 a.m.29 views

Node.js 16.x < 16.20.1, 18.x < 18.16.1, 20.x < 20.3.1 Multiple Vulnerabilities - Mac OS X

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

7.7CVSS7.1AI score0.75116EPSS
Exploits1References1
Rows per page
Query Builder