National Cyber Warfare Foundation (NCWF)

CVE-2023-39331
0 user ratings		2023-10-18 05:13:26
milo
CVEs
 - archive -- 
A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations.

Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

CVE-2023-39331
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39331
A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations.

Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
2023-10-18T04:15:11Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-39331

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
CVEs


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.