Ubuntu Security Update USN-6822-1: Node.js vulnerabilities

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,780
Reaction score
94
Credits
-1,257
It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to bypass the policy mechanism. (CVE-2023-32002, CVE-2023-32006) It was discovered that Node.js incorrectly handled certain inputs when it is using the policy mechanism. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation. (CVE-2023-32559)

Continue reading...
 


Follow Linux.org

Staff online

Members online


Top