Node.js Multiple Vulnerabilities
Release Date:
15 Feb 2024
4265
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in Node.js. A remote attacker can exploit these vulnerabilities to trigger denial of service, security restriction bypass, elevation of privilege and sensitive information disclosure on the targeted system.
Impact
- Security Restriction Bypass
- Information Disclosure
- Denial of Service
- Elevation of Privilege
System / Technologies affected
- Node.js versions prior to 18.19.1 (LTS)
- Node.js versions prior to 20.11.1 (LTS)
- Node.js versions prior to 21.6.2 (Current)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Update to Node.js version 18.19.1 (LTS)
- Update to Node.js version 20.11.1 (LTS)
- Update to Node.js version 21.6.2 (Current)
Vulnerability Identifier
- CVE-2023-46809
- CVE-2024-21890
- CVE-2024-21891
- CVE-2024-21892
- CVE-2024-21896
- CVE-2024-22017
- CVE-2024-22019
- CVE-2024-22025
Source
Related Link
Related Tags
Share with