Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-23919

Published: 23/02/2023 Updated: 16/03/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Nodejs

Vulnerability Summary

A cryptographic vulnerability exists in Node.js <19.2.0, <18.14.1, <16.19.1, <14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that happen to be on the same thread. This in turn could be used to cause a denial of service.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

nodejs node.js

Vendor Advisories

Red Hat: Moderate: nodejs:16 security, bug fix, and enhancement update
Synopsis Moderate: nodejs:16 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8Red Hat Product Secu ...
Debian CVElist Bug Report Logs: nodejs: CVE-2023-23918 CVE-2023-23919 CVE-2023-23920
Debian Bug report logs - #1031834 nodejs: CVE-2023-23918 CVE-2023-23919 CVE-2023-23920 Package: src:nodejs; Maintainer for src:nodejs is Debian Javascript Maintainers &lt;pkg-javascript-devel@alioth-listsdebiannet&gt;; Reported by: Salvatore Bonaccorso &lt;carnil@debianorg&gt; Date: Thu, 23 Feb 2023 21:09:01 UTC Severity: gra ...
Red Hat:
Description<!----> This CVE is under investigation by Red Hat Product Security ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Ops Center Analyzer
Hitachi Ops Center Analyzer contains the following vulnerabilities: CVE-2022-43548, CVE-2023-23918, CVE-2023-23919, CVE-2023-23920, CVE-2023-23936, CVE-2023-24807, CVE-2023-30581, CVE-2023-30585, CVE-2023-30588, CVE-2023-30589, CVE-2023-30590 Affected products and versions are listed below Please upgrade your version to the appropriate versio ...

References

NVD-CWE-Otherhttps://hackerone.com/reports/1808596https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/https://security.netapp.com/advisory/ntap-20230316-0008/https://access.redhat.com/errata/RHSA-2023:1582https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-23919
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook