Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-23919

Опубликовано: 23 фев. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

18.19.1+dfsg-2ubuntu4
esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

18.19.1+dfsg-2ubuntu4
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
focal

not-affected

code not present
jammy

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 68%
0.00599
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-23919

CVSS3: 7.5
redhat
больше 2 лет назад

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.

nvd логотип

CVE-2023-23919

CVSS3: 7.5
nvd
больше 2 лет назад

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.

msrc логотип

CVE-2023-23919

CVSS3: 7.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-23919

CVSS3: 7.5
debian
больше 2 лет назад

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16 ...

github логотип

GHSA-mfq6-mjjx-mp7f

CVSS3: 7.5
github
больше 2 лет назад

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.

EPSS

Процентиль: 68%
0.00599
Низкий

7.5 High

CVSS3