Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-30581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The use of proto in process.mainModule.proto.require can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerabili...

7.5CVSS7.5AI score0.0105EPSS
Exploits0References3
OSV
OSV
added 2024/12/16 1:58 p.m.15 views

BIT-NODE-MIN-2023-32002

The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...

9.8CVSS8.2AI score0.0143EPSS
Exploits0References3
OSV
OSV
added 2024/12/16 1:57 p.m.9 views

BIT-NODE-MIN-2023-32559

A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API process.binding can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding'spawnsyn...

7.5CVSS8.9AI score0.01484EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/11/22 12:0 a.m.49 views

Oracle Linux 8 : nodejs:20 (ELSA-2023-7205)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7205 advisory. - Fixes CVE-2023-44487 nghttp Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

9.8CVSS7.3AI score0.99999EPSS
Exploits19References7
Rows per page
Query Builder