all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

USN-6672-1: Node.js vulnerabilities

Add to bookmarks
March 4, 2024, 11:09 a.m. |

Ubuntu security notices ubuntu.com

Morgan Jones discovered that Node.js incorrectly handled certain inputs that
leads to false positive errors during some cryptographic operations. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 23.10. (CVE-2023-23919)

It was discovered that Node.js incorrectly handled certain inputs leaded to a
untrusted search path vulnerability. If a user or an automated system were …

attacker automated cryptographic cve denial of service errors false positive file input inputs issue morgan node node.js node.js vulnerabilities operations service system ubuntu ubuntu 23.10 usn vulnerabilities

Visit resource

More from ubuntu.com / Ubuntu security notices

USN-6754-1: nghttp2 vulnerabilities 2 days, 9 hours ago | ubuntu.com
attacker cve denial of service http +10
USN-6753-1: CryptoJS vulnerability 2 days, 11 hours ago | ubuntu.com
attacker configuration cryptographic default +11
USN-6751-1: Zabbix vulnerabilities 2 days, 11 hours ago | ubuntu.com
attacker attacks cross-site cross-site scripting (xss) attacks +11
USN-6752-1: FreeRDP vulnerabilities 2 days, 17 hours ago | ubuntu.com
attacker crash denial of service issue +7
USN-6750-1: Thunderbird vulnerabilities 3 days, 4 hours ago | ubuntu.com
arbitrary code attacker browsing bypass +19
USN-6743-3: Linux kernel (Azure) vulnerabilities 3 days, 9 hours ago | ubuntu.com
attacker azure bpf compromise +16
USN-6657-2: Dnsmasq vulnerabilities 3 days, 12 hours ago | ubuntu.com
advisory attacker dnsmasq dnssec +10
USN-6749-1: FreeRDP vulnerabilities 3 days, 14 hours ago | ubuntu.com
arbitrary code attacker code context +12
USN-6748-1: Sanitize vulnerabilities 4 days, 2 hours ago | ubuntu.com
attack attacker cross-site cve +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs