First published: Wed Jan 03 2024(Updated: )
Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2022-4304) CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-4450) Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0215) David Benjamin discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. (CVE-2023-0286) Hubert Kario and Dmitry Belyavsky discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0401)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libnode-dev | <12.22.9~dfsg-1ubuntu3.3 | 12.22.9~dfsg-1ubuntu3.3 |
=22.04 | ||
All of | ||
ubuntu/libnode72 | <12.22.9~dfsg-1ubuntu3.3 | 12.22.9~dfsg-1ubuntu3.3 |
=22.04 | ||
All of | ||
ubuntu/nodejs | <12.22.9~dfsg-1ubuntu3.3 | 12.22.9~dfsg-1ubuntu3.3 |
=22.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)