From 6d7985658beb7505f7bb5c22651e01f1230595cf Mon Sep 17 00:00:00 2001 From: Rafael Gonzaga Date: Fri, 13 Oct 2023 19:43:14 -0300 Subject: [PATCH] vuln: add october 2023 security release vulns (#1131) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * vuln: add october 2023 security release vulns * vuln: adjust typo in overview's field Co-authored-by: Tobias Nießen --------- Co-authored-by: Tobias Nießen --- vuln/core/125.json | 8 +++++ vuln/core/126.json | 8 +++++ vuln/core/127.json | 8 +++++ vuln/core/128.json | 8 +++++ vuln/core/129.json | 8 +++++ vuln/core/130.json | 8 +++++ vuln/core/index.json | 72 ++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 120 insertions(+) create mode 100644 vuln/core/125.json create mode 100644 vuln/core/126.json create mode 100644 vuln/core/127.json create mode 100644 vuln/core/128.json create mode 100644 vuln/core/129.json create mode 100644 vuln/core/130.json diff --git a/vuln/core/125.json b/vuln/core/125.json new file mode 100644 index 00000000..8b8cbecb --- /dev/null +++ b/vuln/core/125.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-45143"], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Cookie headers are not cleared in cross-domain redirect in undici-fetch (High)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/126.json b/vuln/core/126.json new file mode 100644 index 00000000..327aec86 --- /dev/null +++ b/vuln/core/126.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-44487"], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Rapidly creating and cancelling streams (HEADERS frame immediately followed by RST_STREAM) without bound causes denial of service (High)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/127.json b/vuln/core/127.json new file mode 100644 index 00000000..82951518 --- /dev/null +++ b/vuln/core/127.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-39331"], + "vulnerable": "20.x", + "patched": "^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently. The implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations (High)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/128.json b/vuln/core/128.json new file mode 100644 index 00000000..9d09ebde --- /dev/null +++ b/vuln/core/128.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-39332"], + "vulnerable": "20.x", + "patched": "^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Path traversal through path stored in Uint8Array (High)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/129.json b/vuln/core/129.json new file mode 100644 index 00000000..c7e84c6b --- /dev/null +++ b/vuln/core/129.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-38552"], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Integrity checks according to experimental policies can be circumvented (Medium)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/130.json b/vuln/core/130.json new file mode 100644 index 00000000..98099d8d --- /dev/null +++ b/vuln/core/130.json @@ -0,0 +1,8 @@ +{ + "cve": ["CVE-2023-39333"], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Code injection via WebAssembly export names (Low)", + "affectedEnvironments": ["all"] +} diff --git a/vuln/core/index.json b/vuln/core/index.json index af398008..7b67b815 100644 --- a/vuln/core/index.json +++ b/vuln/core/index.json @@ -1546,5 +1546,77 @@ "affectedEnvironments": [ "all" ] + }, + "125": { + "cve": [ + "CVE-2023-45143" + ], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Cookie headers are not cleared in cross-domain redirect in undici-fetch (High)", + "affectedEnvironments": [ + "all" + ] + }, + "126": { + "cve": [ + "CVE-2023-44487" + ], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Rapidly creating and cancelling streams (HEADERS frame immediately followed by RST_STREAM) without bound causes denial of service (High)", + "affectedEnvironments": [ + "all" + ] + }, + "127": { + "cve": [ + "CVE-2023-39331" + ], + "vulnerable": "20.x", + "patched": "^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently. The implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations (High)", + "affectedEnvironments": [ + "all" + ] + }, + "128": { + "cve": [ + "CVE-2023-39332" + ], + "vulnerable": "20.x", + "patched": "^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Path traversal through path stored in Uint8Array (High)", + "affectedEnvironments": [ + "all" + ] + }, + "129": { + "cve": [ + "CVE-2023-38552" + ], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Integrity checks according to experimental policies can be circumvented (Medium)", + "affectedEnvironments": [ + "all" + ] + }, + "130": { + "cve": [ + "CVE-2023-39333" + ], + "vulnerable": "18.x || 20.x", + "patched": "^18.18.2 || ^20.8.1", + "ref": "https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/", + "overview": "Code injection via WebAssembly export names (Low)", + "affectedEnvironments": [ + "all" + ] } } \ No newline at end of file