It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass the policy mechanism. (CVE-2023-32002, CVE-2023-32006)
It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation. (CVE-2023-32559)
{ "availability": "No subscription required", "binaries": [ { "nodejs-doc": "12.22.9~dfsg-1ubuntu3.6", "libnode72": "12.22.9~dfsg-1ubuntu3.6", "nodejs": "12.22.9~dfsg-1ubuntu3.6", "libnode-dev": "12.22.9~dfsg-1ubuntu3.6", "libnode72-dbgsym": "12.22.9~dfsg-1ubuntu3.6", "nodejs-dbgsym": "12.22.9~dfsg-1ubuntu3.6" } ] }
{ "availability": "No subscription required", "binaries": [ { "libnode108": "18.13.0+dfsg1-1ubuntu2.3", "libnode108-dbgsym": "18.13.0+dfsg1-1ubuntu2.3", "nodejs": "18.13.0+dfsg1-1ubuntu2.3", "libnode-dev": "18.13.0+dfsg1-1ubuntu2.3", "nodejs-doc": "18.13.0+dfsg1-1ubuntu2.3", "nodejs-dbgsym": "18.13.0+dfsg1-1ubuntu2.3" } ] }