12 matches found
USN-6735-1 nodejs vulnerabilities
It was discovered that Node.js incorrectly handled the use of invalid public keys while creating an x509 certificate. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue...
CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
DEBIAN-CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
Design/Logic Flaw
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...
The vulnerability of the generateKeys() function in the Node.js software platform allows a hacker to circumvent existing security restrictions.
The vulnerability of the APIgenerateKeys function in the Node.js software platform is related to discrepancies between implementation and documented design. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...
nodejs: DiffieHellman do not generate keys after setting a private key
A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...
CVE-2023-30590
A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...
SUSE SLES15 / openSUSE 15 Security Update : nodejs16 (SUSE-SU-2023:2663-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2663-1 advisory. - The vulnerability exists due to the use of proto in process.mainModule.proto.require. This allows to bypass the...
SUSE CVE-2023-30590
The generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey. However, the...