Node.js Multiple Vulnerabilities

Release Date: 20 Feb 2023 3803 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities have been identified in Node.js, a remote attacker can exploit these vulnerabilities to trigger remote code execution, security restriction bypass, elevation of privilege and denial of service on the targeted system.

Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Denial of Service
  • Elevation of Privilege

System / Technologies affected

  • Node.js versions prior to 14.21.3 (LTS)
  • Node.js versions prior to 16.19.1 (LTS)
  • Node.js versions prior to 18.14.1 (LTS)
  • Node.js versions prior to 19.6.1

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Update to Node.js version 14.21.3 (LTS)
  • Update to Node.js version 16.19.1 (LTS)
  • Update to Node.js version 18.14.1 (LTS)
  • Update to Node.js version 19.6.1

Vulnerability Identifier

Source

Related Link

https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/

Related Tags

Node.jsRemote Code ExecutionSecurity Restriction BypassDenial of ServiceElevation of Privilege

Share with

Previous

Splunk Products Multiple Vulnerabilities

16 Feb 2023 3807 Views

Next

Mozilla Thunderbird Multiple Vulnerabilities

20 Feb 2023 3904 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY