Showing 1 - 4 of 4

CVE-2023-38552

Status Candidate

Overview

When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all users using the experimental policy mechanism in all active release lines: 18.x and, 20.x. Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js.

Related Files

Debian Security Advisory 5589-1: Posted Dec 28, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5589-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of policy feature checks, denial of service or loading of incorrect ICU data.; tags | advisory, web, denial of service, vulnerability; systems | linux, debian; advisories | CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-30581, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590, CVE-2023-32002, CVE-2023-32006, CVE-2023-32559, CVE-2023-38552, CVE-2023-39333; SHA-256 | 99cc458c7d37e5ed3bbb9cd1ecafd2849b5c2bd6325b06e8297be7edef82db88; Download | Favorite | View

Red Hat Security Advisory 2023-7205-01: Posted Nov 15, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-7205-01 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2023-38552; SHA-256 | 0e5b67d8f7a5432c0a6581d8ee0d029cf8740ce4294bf9155585077cf58a3c2e; Download | Favorite | View

Red Hat Security Advisory 2023-5869-01: Posted Oct 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5869-01 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-38552; SHA-256 | 7aba2ac2b49daaa4f7ae949930e32a3b6404c9ba301a9ffd08e40cd253605788; Download | Favorite | View

Red Hat Security Advisory 2023-5849-01: Posted Oct 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5849-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, javascript; systems | linux, redhat; advisories | CVE-2023-38552; SHA-256 | 4cd8422245370ccb596477251bb031a87f869e2a9b3e9e7e885237856993e7e9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 276 files
Ubuntu 65 files
Debian 25 files
Gentoo 16 files
LiquidWorm 10 files
nu11secur1ty 5 files
kai6u 3 files
Adam Gowdiak 3 files
liquidsky 3 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,028)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,483)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,509)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,710)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,480)
UNIX (9,395)
UnixWare (187)
Windows (6,653)
Other

CVE-2023-38552

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems