Showing 1 - 7 of 7

CVE-2023-32002

Status Candidate

Overview

The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Related Files

Debian Security Advisory 5589-1: Posted Dec 28, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5589-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data.; tags | advisory, web, denial of service, vulnerability; systems | linux, debian; advisories | CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559, CVE-2023-38552, CVE-2023-39333; SHA-256 | 99cc458c7d37e5ed3bbb9cd1ecafd2849b5c2bd6325b06e8297be7edef82db88; Download | Favorite | View

Red Hat Security Advisory 2023-5533-01: Posted Oct 10, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5533-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The package has been upgraded to a later upstream version: nodejs. Issues addressed include HTTP request smuggling, buffer overflow, bypass, crlf injection, and denial of service vulnerabilities.; tags | advisory, web, denial of service, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-25881, CVE-2022-4904, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | a1de4803284127ae04070476723bb3381abb23fa8706dae7ab1c90bb1713980b; Download | Favorite | View

Red Hat Security Advisory 2023-5532-01: Posted Oct 10, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5532-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a bypass vulnerability.; tags | advisory, javascript, bypass; systems | linux, redhat; advisories | CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | 65ebad59c8253e88e2143d622570a561509704bf12c8076c64a6937f8aabc54b; Download | Favorite | View

Red Hat Security Advisory 2023-5362-01: Posted Sep 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5362-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.; tags | advisory, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-25883, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | 495a3f24d2632110634309010865240af57a5ea7b556b056d308808eae784582; Download | Favorite | View

Red Hat Security Advisory 2023-5361-01: Posted Sep 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5361-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, bypass, and denial of service vulnerabilities.; tags | advisory, web, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-25883, CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | d17f1315e979971a3621829636966df0e1f09cfbdf28fa99e162ce75d2223793; Download | Favorite | View

Red Hat Security Advisory 2023-5360-01: Posted Sep 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5360-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.; tags | advisory, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-25883, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | e81e319d29d715b4f89864cf976c9fc33fedd006c1df0d2ae413f8194ec09eff; Download | Favorite | View

Red Hat Security Advisory 2023-5363-01: Posted Sep 27, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5363-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.; tags | advisory, denial of service, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2022-25883, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559; SHA-256 | c847a25ac05fb577d9d312fccc92714b065a2a75511c21413ff647b9c3fbba48; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 63 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
gabe_k 3 files
liquidsky 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2023-32002

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems