CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32558 – Gentoo Linux Security Advisory 202405-29
https://notcve.org/view.php?id=CVE-2023-32558
12 Sep 2023 — The use of the deprecated API `process.binding()` can bypass the permission model through path traversal. This vulnerability affects all users using the experimental permission model in Node.js 20.x. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. El uso de la API obsoleta `process.binding()` puede omitir el modelo de permiso a través del Path Traversal. Esta vulnerabilidad afecta a todos los usuarios que utilizan el modelo de permisos experiment... • https://hackerone.com/reports/2051257 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32005 – Gentoo Linux Security Advisory 202405-29
https://notcve.org/view.php?id=CVE-2023-32005
12 Sep 2023 — A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the ... • https://hackerone.com/reports/2051224 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2023-32559 – nodejs: Permissions policies can be bypassed via process.binding
https://notcve.org/view.php?id=CVE-2023-32559
24 Aug 2023 — A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Existe una vulnerabilidad de... • https://hackerone.com/reports/1946470 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32002 – nodejs: Permissions policies can be bypassed via Module._load
https://notcve.org/view.php?id=CVE-2023-32002
21 Aug 2023 — The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. El uso de 'Module. • https://hackerone.com/reports/1960870 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-1268: Policy Privileges are not Assigned Consistently Between Control and Data Agents •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32003 – Gentoo Linux Security Advisory 202405-29
https://notcve.org/view.php?id=CVE-2023-32003
15 Aug 2023 — `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. fs.mkdtemp()' y 'fs.mkdtempSync()' se pueden usar para om... • https://hackerone.com/reports/2037887 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2023-32004 – Gentoo Linux Security Advisory 202405-29
https://notcve.org/view.php?id=CVE-2023-32004
15 Aug 2023 — A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. Se ha descubierto una vulnerabilidad en Node.js versión 20... • https://hackerone.com/reports/2038134 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 1%CPEs: 5EXPL: 0CVE-2023-32006 – nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
https://notcve.org/view.php?id=CVE-2023-32006
15 Aug 2023 — The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. El uso de 'module.constructor.createRequire()' puede omitir el mecanismo de políticas y requerir módulos fuera de la definici... • https://hackerone.com/reports/2043807 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30581 – nodejs: mainModule.proto bypass experimental policy mechanism
https://notcve.org/view.php?id=CVE-2023-30581
31 Jul 2023 — The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js El uso de __proto__ en process.mainModule.__proto__.require() puede omitir el mecanismo de políticas y requerir módulos fuera de la de... • https://nodejs.org/en/blog/vulnerability/june-2023-security-releases •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30590 – nodejs: DiffieHellman do not generate keys after setting a private key
https://notcve.org/view.php?id=CVE-2023-30590
31 Jul 2023 — The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: "Generates private and public Diffie-Hellman key values". The documented behavior is very different from the actual behavior, and this difference could easily lead to security i... • https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html •