CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2024-3566 – Command injection vulnerability in programing languages on Microsoft Windows operating system.
https://notcve.org/view.php?id=CVE-2024-3566
10 Apr 2024 — A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied. • https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30585
https://notcve.org/view.php?id=CVE-2023-30585
28 Nov 2023 — A vulnerability has been identified in the Node.js (.msi version) installation process, specifically affecting Windows users who install Node.js using the .msi installer. This vulnerability emerges during the repair operation, where the "msiexec.exe" process, running under the NT AUTHORITY\SYSTEM context, attempts to read the %USERPROFILE% environment variable from the current user's registry. The issue arises when the path referenced by the %USERPROFILE% environment variable does not exist. In such cases, ... • https://nodejs.org/en/blog/vulnerability/june-2023-security-releases •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2023-32559 – nodejs: Permissions policies can be bypassed via process.binding
https://notcve.org/view.php?id=CVE-2023-32559
24 Aug 2023 — A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. Existe una vulnerabilidad de... • https://hackerone.com/reports/1946470 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-32002 – nodejs: Permissions policies can be bypassed via Module._load
https://notcve.org/view.php?id=CVE-2023-32002
21 Aug 2023 — The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. El uso de 'Module. • https://hackerone.com/reports/1960870 • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-1268: Policy Privileges are not Assigned Consistently Between Control and Data Agents •
CVSS: 9.0EPSS: 1%CPEs: 5EXPL: 0CVE-2023-32006 – nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire()
https://notcve.org/view.php?id=CVE-2023-32006
15 Aug 2023 — The use of `module.constructor.createRequire()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. El uso de 'module.constructor.createRequire()' puede omitir el mecanismo de políticas y requerir módulos fuera de la definici... • https://hackerone.com/reports/2043807 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30581 – nodejs: mainModule.proto bypass experimental policy mechanism
https://notcve.org/view.php?id=CVE-2023-30581
31 Jul 2023 — The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js El uso de __proto__ en process.mainModule.__proto__.require() puede omitir el mecanismo de políticas y requerir módulos fuera de la de... • https://nodejs.org/en/blog/vulnerability/june-2023-security-releases •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30590 – nodejs: DiffieHellman do not generate keys after setting a private key
https://notcve.org/view.php?id=CVE-2023-30590
31 Jul 2023 — The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: "Generates private and public Diffie-Hellman key values". The documented behavior is very different from the actual behavior, and this difference could easily lead to security i... • https://lists.debian.org/debian-lts-announce/2024/03/msg00029.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30588 – nodejs: process interuption due to invalid Public Key information in x509 certificates
https://notcve.org/view.php?id=CVE-2023-30588
31 Jul 2023 — When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20. Cuando se ut... • https://nodejs.org/en/blog/vulnerability/june-2023-security-releases •
CVSS: 7.8EPSS: 9%CPEs: 5EXPL: 1CVE-2023-30589 – nodejs: HTTP Request Smuggling via Empty headers separated by CR
https://notcve.org/view.php?id=CVE-2023-30589
30 Jun 2023 — The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3, only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16, v18, and, v20 A vulnerability has been identified in the Node.js, where llhttp parser in the http module in Node.j... • https://hackerone.com/reports/2001873 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-23918 – Node.js: Permissions policies can be bypassed via process.mainModule
https://notcve.org/view.php?id=CVE-2023-23918
23 Feb 2023 — A privilege escalation vulnerability exists in Node.js <19.6.1, <18.14.1, <16.19.1 and <14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy. Node.js is a software development platform for building fast and scalable network applications in the JavaScript prog... • https://nodejs.org/en/blog/vulnerability/february-2023-security-releases • CWE-863: Incorrect Authorization •