Количество 19
Количество 19
GHSA-f27j-4f6g-jp27
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.
CVE-2024-21892
On Linux, Node.js ignores certain environment variables if those may h ...
BDU:2024-01672
Уязвимость программной платформы Node.js, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями
ROS-20240812-08
Уязвимость nodejs
RLSA-2024:1510
Important: nodejs:18 security update
RLSA-2024:1503
Important: nodejs:18 security update
ELSA-2024-1510
ELSA-2024-1510: nodejs:18 security update (IMPORTANT)
ELSA-2024-1503
ELSA-2024-1503: nodejs:18 security update (IMPORTANT)
SUSE-SU-2024:0730-1
Security update for nodejs18
SUSE-SU-2024:0644-1
Security update for nodejs18
RLSA-2024:1688
Important: nodejs:20 security update
RLSA-2024:1687
Important: nodejs:20 security update
ELSA-2024-1688
ELSA-2024-1688: nodejs:20 security update (IMPORTANT)
ELSA-2024-1687
ELSA-2024-1687: nodejs:20 security update (IMPORTANT)
SUSE-SU-2024:0643-1
Security update for nodejs20
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-f27j-4f6g-jp27 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.5 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.8 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 8.1 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.8 | 1% Низкий | больше 2 лет назад |
 | CVE-2024-21892 On Linux Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges. | CVSS3: 7.8 | 1% Низкий | 4 месяца назад |
| CVE-2024-21892 On Linux, Node.js ignores certain environment variables if those may h ... | CVSS3: 7.8 | 1% Низкий | больше 2 лет назад |
 | BDU:2024-01672 Уязвимость программной платформы Node.js, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код с повышенными привилегиями | CVSS3: 8.8 | 1% Низкий | больше 2 лет назад |
 | ROS-20240812-08 Уязвимость nodejs | CVSS3: 8.8 | 1% Низкий | почти 2 года назад |
 | RLSA-2024:1510 Important: nodejs:18 security update | больше 2 лет назад | ||
| RLSA-2024:1503 Important: nodejs:18 security update | больше 2 лет назад | ||
| ELSA-2024-1510 ELSA-2024-1510: nodejs:18 security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2024-1503 ELSA-2024-1503: nodejs:18 security update (IMPORTANT) | больше 2 лет назад | ||
 | SUSE-SU-2024:0730-1 Security update for nodejs18 | больше 2 лет назад | ||
| SUSE-SU-2024:0644-1 Security update for nodejs18 | больше 2 лет назад | ||
| RLSA-2024:1688 Important: nodejs:20 security update | около 2 лет назад | ||
| RLSA-2024:1687 Important: nodejs:20 security update | около 2 лет назад | ||
| ELSA-2024-1688 ELSA-2024-1688: nodejs:20 security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2024-1687 ELSA-2024-1687: nodejs:20 security update (IMPORTANT) | около 2 лет назад | ||
| SUSE-SU-2024:0643-1 Security update for nodejs20 | больше 2 лет назад |
Уязвимостей на страницу