CVE-2023-23920
4.2MEDIUMAn untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated priv
Publicado: 2/23/2023Atualizado: 3/17/2025
Descrição
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.
Análise IADesenvolvido por IA
Produtos Afetados
nodejsnode.js
nodejsnode.js
nodejsnode.js
nodejsnode.js
nodejsnode.js
nodejsnode.js
nodejsnode.js
debiandebian_linux
10.0
Referências
- https://lists.debian.org/debian-lts-announce/2023/02/msg00038.htmlMailing List
- https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/PatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20230316-0008/
- https://www.debian.org/security/2023/dsa-5395
- https://lists.debian.org/debian-lts-announce/2023/02/msg00038.htmlMailing List
- https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/PatchVendor Advisory
- https://security.netapp.com/advisory/ntap-20230316-0008/
- https://www.debian.org/security/2023/dsa-5395