Количество 15
Количество 15
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may h ...
GHSA-f27j-4f6g-jp27
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
BDU:2024-01672
Уязвимость программной платформы Node.js, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями
ROS-20240812-08
Уязвимость nodejs
ELSA-2024-1510
ELSA-2024-1510: nodejs:18 security update (IMPORTANT)
ELSA-2024-1503
ELSA-2024-1503: nodejs:18 security update (IMPORTANT)
SUSE-SU-2024:0730-1
Security update for nodejs18
SUSE-SU-2024:0644-1
Security update for nodejs18
ELSA-2024-1688
ELSA-2024-1688: nodejs:20 security update (IMPORTANT)
ELSA-2024-1687
ELSA-2024-1687: nodejs:20 security update (IMPORTANT)
SUSE-SU-2024:0643-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.8 | 0% Низкий | больше 1 года назад |
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 8.1 | 0% Низкий | больше 1 года назад |
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.8 | 0% Низкий | больше 1 года назад |
 | CVSS3: 7.8 | 0% Низкий | больше 1 года назад | |
| CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may h ... | CVSS3: 7.8 | 0% Низкий | больше 1 года назад |
| GHSA-f27j-4f6g-jp27 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
 | BDU:2024-01672 Уязвимость программной платформы Node.js, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
 | ROS-20240812-08 Уязвимость nodejs | CVSS3: 8.8 | 0% Низкий | 10 месяцев назад |
| ELSA-2024-1510 ELSA-2024-1510: nodejs:18 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-1503 ELSA-2024-1503: nodejs:18 security update (IMPORTANT) | около 1 года назад | ||
 | SUSE-SU-2024:0730-1 Security update for nodejs18 | больше 1 года назад | ||
| SUSE-SU-2024:0644-1 Security update for nodejs18 | больше 1 года назад | ||
| ELSA-2024-1688 ELSA-2024-1688: nodejs:20 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-1687 ELSA-2024-1687: nodejs:20 security update (IMPORTANT) | около 1 года назад | ||
| SUSE-SU-2024:0643-1 Security update for nodejs20 | больше 1 года назад |
Уязвимостей на страницу