Количество 19
Количество 19
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.
CVE-2025-23083
CVE-2025-23083
With the aid of the diagnostics_channel utility, an event can be hooke ...
GHSA-wv7p-rjf3-9fr5
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.
BDU:2025-03339
Уязвимость утилиты diagnostics_channel программной платформы Node.js, позволяющая нарушителю обойти внедренные ограничения безопасности
SUSE-SU-2025:0284-1
Security update for nodejs22
SUSE-SU-2025:0237-1
Security update for nodejs20
SUSE-SU-2025:0232-1
Security update for nodejs20
RLSA-2025:1613
Important: nodejs:22 security update
RLSA-2025:1611
Important: nodejs:22 security update
RLSA-2025:1443
Important: nodejs:20 security update
RLSA-2025:1351
Important: nodejs:20 security update
ELSA-2025-1613
ELSA-2025-1613: nodejs:22 security update (IMPORTANT)
ELSA-2025-1611
ELSA-2025-1611: nodejs:22 security update (IMPORTANT)
ELSA-2025-1443
ELSA-2025-1443: nodejs:20 security update (IMPORTANT)
ELSA-2025-1351
ELSA-2025-1351: nodejs:20 security update (IMPORTANT)
ROS-20250212-15
Множественные уязвимости nodejs
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
 | CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
 | CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
 | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад | |
| CVE-2025-23083 With the aid of the diagnostics_channel utility, an event can be hooke ... | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
| GHSA-wv7p-rjf3-9fr5 With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage. This vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
 | BDU:2025-03339 Уязвимость утилиты diagnostics_channel программной платформы Node.js, позволяющая нарушителю обойти внедренные ограничения безопасности | CVSS3: 7.7 | 0% Низкий | 11 месяцев назад |
 | SUSE-SU-2025:0284-1 Security update for nodejs22 | 11 месяцев назад | ||
| SUSE-SU-2025:0237-1 Security update for nodejs20 | 11 месяцев назад | ||
| SUSE-SU-2025:0232-1 Security update for nodejs20 | 11 месяцев назад | ||
 | RLSA-2025:1613 Important: nodejs:22 security update | 10 месяцев назад | ||
| RLSA-2025:1611 Important: nodejs:22 security update | 10 месяцев назад | ||
| RLSA-2025:1443 Important: nodejs:20 security update | 11 месяцев назад | ||
| RLSA-2025:1351 Important: nodejs:20 security update | 11 месяцев назад | ||
| ELSA-2025-1613 ELSA-2025-1613: nodejs:22 security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2025-1611 ELSA-2025-1611: nodejs:22 security update (IMPORTANT) | 10 месяцев назад | ||
| ELSA-2025-1443 ELSA-2025-1443: nodejs:20 security update (IMPORTANT) | 11 месяцев назад | ||
| ELSA-2025-1351 ELSA-2025-1351: nodejs:20 security update (IMPORTANT) | 11 месяцев назад | ||
 | ROS-20250212-15 Множественные уязвимости nodejs | CVSS3: 7.7 | 11 месяцев назад |
Уязвимостей на страницу