The vulnerability of the pbkdf2 library in the Node.js software platform, which allows attackers to forge digital signatures

The vulnerability of the pbkdf2 library in the Node.js software platform is related to deficiencies in the mechanism for verifying input data. Exploiting this vulnerability allows a malicious actor to forge digital signatures by sending specially crafted packets...

The vulnerability of the chown package on the Node.js software platform allows a malicious actor to gain unauthorized access to arbitrary directories.

The vulnerability of the chown package on the Node.js software platform is related to synchronization errors when using a shared resource „Race Condition“. Exploiting this vulnerability can allow an attacker to gain unauthorized access to arbitrary directories...

CVE-2023-34109 User input results in Unbounded resource consumption in @zxcvbn-ts/core

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

The vulnerability of the Node.js software platform, related to errors in the implementation of authentication procedures, allows attackers to disclose sensitive information that should be protected.

The vulnerability of the Node.js software platform is related to errors in the implementation of authentication procedures. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that is protected by the system...

Vulnerability of the Node.js software platform’s Relative Distinguished Name (RDN) component, which allows attackers to perform spoofing attacks

The vulnerability of the Relative Distinguished Name RDN component in the Node.js software platform is related to errors in the certificate validation process. Exploiting this vulnerability allows attackers to perform spear-phishing attacks remotely...

The vulnerability of the Node.js software platform, related to the use of memory after it is freed, allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Node.js software platform is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker who operates remotely to gain access to confidential data, compromise its integrity, and cause service failures...

OESA-2021-1409 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

The vulnerability of the uv__idna_toascii() function on the Node.js software platform, which allows a hacker to trigger a service failure or gain unauthorized access to protected information.

The vulnerability of the uvidnatoascii function on the Node.js platform is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures or gain unauthorized access to protected information...

The vulnerability of the Node.js software platform, related to the presence of localhost6 in the white list, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Node.js software platform is related to the presence of localhost6 in the white list. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...

Important: Red Hat Security Advisory: nodejs:12 security update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

The vulnerability of the DoWrite method implementation in the Node.js software platform allows a perpetrator to trigger a service failure or cause other adverse effects.

The vulnerability of the DoWrite method implementation in the Node.js software platform is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to cause service failures or other adverse effects from a remote perspective...