ReportizFlow
Filtered by vendor Nodejs
Subscriptions
Filtered by product Nodejs
Subscriptions
Total
16 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21891 | 2 Nodejs, Redhat | 3 Node.js, Nodejs, Enterprise Linux | 2025-03-28 | 8.8 High |
| Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2024-22020 | 2 Nodejs, Redhat | 2 Nodejs, Enterprise Linux | 2025-03-14 | 6.5 Medium |
| A security flaw in Node.js allows a bypass of network import restrictions. By embedding non-network imports in data URLs, an attacker can execute arbitrary code, compromising system security. Verified on various platforms, the vulnerability is mitigated by forbidding data URLs in network imports. Exploiting this flaw can violate network import security, posing a risk to developers and servers. | ||||
| CVE-2024-27983 | 2 Nodejs, Redhat | 7 Nodejs, Enterprise Linux, Rhel Aus and 4 more | 2025-03-14 | 7.5 High |
| An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. | ||||
| CVE-2024-22017 | 2 Nodejs, Redhat | 2 Nodejs, Enterprise Linux | 2025-02-13 | 7.3 High |
| setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0, Node.js 20.4.0 and Node.js 21. | ||||
| CVE-2023-32559 | 2 Nodejs, Redhat | 4 Node.js, Nodejs, Enterprise Linux and 1 more | 2025-02-13 | 7.5 High |
| A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` run arbitrary code, outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | ||||
| CVE-2023-32002 | 2 Nodejs, Redhat | 4 Node.js, Nodejs, Enterprise Linux and 1 more | 2025-02-13 | 9.8 Critical |
| The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | ||||
| CVE-2024-36138 | 1 Nodejs | 1 Nodejs | 2024-11-21 | N/A |
| Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled. | ||||
| CVE-2023-39333 | 2 Nodejs, Redhat | 2 Nodejs, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| Maliciously crafted export names in an imported WebAssembly module can inject JavaScript code. The injected code may be able to access data and functions that the WebAssembly module itself does not have access to, similar to as if the WebAssembly module was a JavaScript module. This vulnerability affects users of any active release line of Node.js. The vulnerable feature is only available if Node.js is started with the `--experimental-wasm-modules` command line option. | ||||
| CVE-2023-30587 | 1 Nodejs | 1 Nodejs | 2024-11-21 | 7.5 High |
| A vulnerability in Node.js version 20 allows for bypassing restrictions set by the --experimental-permission flag using the built-in inspector module (node:inspector). By exploiting the Worker class's ability to create an "internal worker" with the kIsInternal Symbol, attackers can modify the isInternal value when an inspector is attached within the Worker constructor before initializing a new WorkerImpl. This vulnerability exclusively affects Node.js users employing the permission model mechanism. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2023-30584 | 1 Nodejs | 1 Nodejs | 2024-11-21 | 7.7 High |
| A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2023-30583 | 1 Nodejs | 1 Nodejs | 2024-11-21 | 7.5 High |
| fs.openAsBlob() can bypass the experimental permission model when using the file system read restriction with the `--allow-fs-read` flag in Node.js 20. This flaw arises from a missing check in the `fs.openAsBlob()` API. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2023-30582 | 1 Nodejs | 1 Nodejs | 2024-11-21 | 5.3 Medium |
| A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file watching through the fs.watchFile API. As a result, malicious actors can monitor files that they do not have explicit read access to. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
| CVE-2014-5256 | 2 Nodejs, Redhat | 2 Nodejs, Rhel Software Collections | 2024-11-21 | N/A |
| Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service (memory corruption and application crash) via deep JSON objects whose parsing lets this interrupt mask an overflow of the program stack. | ||||
| CVE-2013-4450 | 2 Nodejs, Redhat | 2 Nodejs, Rhel Software Collections | 2024-11-21 | N/A |
| The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response. | ||||
| CVE-2012-2330 | 1 Nodejs | 1 Nodejs | 2024-11-21 | N/A |
| The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string. | ||||
| CVE-2023-46809 | 2 Nodejs, Redhat | 3 Nodejs, Enterprise Linux, Rhel Eus | 2024-09-09 | 7.4 High |
| Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/~hkario/marvin/, if PCKS #1 v1.5 padding is allowed when performing RSA descryption using a private key. | ||||
Page 1 of 1.