Lucene search
+L

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.2 views

TencentOS Server 4: nodejs (TSSA-2024:0614)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0614 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7AI score0.03906EPSS
Exploits4References16
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0247: nodejs:20 (ALINUX3-SA-2024:0247)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0247 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-39331: A previously disclosed...

9.8CVSS7AI score0.01819EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.16 views

Photon OS 5.0: Nodejs PHSA-2023-5.0-0132

An update of the nodejs package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0132. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS7.3AI score0.01819EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/07 7:21 p.m.57 views

Security Bulletin: IBM Planning Analytics Local - Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software OSS components consumed by IBM Planning Analytics Local - Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics Local - Planning Analytics Workspace 2.1.2 and IBM Planning Analytics Local -...

9.8CVSS10AI score0.9077EPSS
Exploits7Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/14 5:0 p.m.77 views

Important: Red Hat Security Advisory: nodejs:20 security update

An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7.1AI score0.99999EPSS
Exploits19References8
OpenVAS
OpenVAS
added 2023/11/05 12:0 a.m.35 views

Fedora: Security Advisory (FEDORA-2023-7b52921cae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.99999EPSS
Exploits19References32
OpenVAS
OpenVAS
added 2023/10/28 12:0 a.m.40 views

Fedora: Security Advisory for nodejs20 (FEDORA-2023-f66fc0f62a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.99999EPSS
Exploits19References4
F5 Networks
F5 Networks
added 2023/10/23 9:42 p.m.47 views

K000137330: Node.JS vulnerabilities CVE-2023-38552, CVE-2023-39331, CVE-2023-39332, and CVE-2023-3933

Security Advisory Description CVE-2023-38552 When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check...

9.8CVSS6.5AI score0.01819EPSS
Exploits0
Circl
Circl
added 2023/10/18 7:33 a.m.13 views

CVE-2023-39332

creationtimestamp| type| source ---|---|--- 2023-10-18 07:33:24+00:00| seen| https://t.me/cibsecurity/72477 2024-11-14 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08...

9.8CVSS7AI score0.01819EPSS
Exploits0References2
Chainguard
Chainguard
added 2023/10/18 4:15 a.m.38 views

CVE-2023-39332 vulnerabilities

Vulnerabilities for packages: nodejs...

9.8CVSS9.5AI score0.01819EPSS
Exploits0
Wolfi
Wolfi
added 2023/10/18 4:15 a.m.418 views

CVE-2023-39332 vulnerabilities

Vulnerabilities for packages: nodejs...

9.8CVSS9.7AI score0.01819EPSS
Exploits0
NVD
NVD
added 2023/10/18 4:15 a.m.40 views

CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS8.7AI score0.01819EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/10/18 4:15 a.m.41 views

CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS6.9AI score0.01819EPSS
Exploits0References2
CVE
CVE
added 2023/10/18 3:55 a.m.804 views

CVE-2023-39332

CVE-2023-39332 concerns Node.js: certain node:fs path operations permit traversal when paths are provided as non-Buffer Uint8Array objects. The vulnerability contrasts with existing mitigations for string paths and Buffer paths (CVE-2023-30584 and CVE-2023-32004). The issue arises in environments...

9.8CVSS8.6AI score0.01819EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2023/10/18 3:55 a.m.40 views

CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

9.8CVSS7.7AI score0.01819EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/12 12:0 a.m.39 views

Node.js 18.x < 18.18.2, 20.x < 20.8.1 Multiple Vulnerabilities - Mac OS X

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...

9.8CVSS8.1AI score0.99999EPSS
Exploits19References9
Rows per page
Query Builder