USN-6735-1: Node.js vulnerabilities

Read Time:44 Second

It was discovered that Node.js incorrectly handled the use of invalid public
keys while creating an x509 certificate. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker could
possibly use this issue to cause a denial of service. This issue only affected
Ubuntu 23.10. (CVE-2023-30588)

It was discovered that Node.js incorrectly handled the use of CRLF sequences to
delimit HTTP requests. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to obtain unauthorised access. This issue only affected
Ubuntu 23.10. (CVE-2023-30589)

It was discovered that Node.js incorrectly described the generateKeys()
function in the documentation. This inconsistency could possibly lead to
security issues in applications that use these APIs.
(CVE-2023-30590)

Generated by Feedzy

Cyber Security News

The Darkgate Menace: Leveraging Autohotkey & Attempt to Evade Smartscreen

Study Reveals Alarming Levels of USPS Phishing Traffic

Judge0 Sandbox Vulnerabilities Expose Systems to Takeover Risk

Voter Registration System Taken Offline in Coffee County Cyber-Incident

OpenAI’s ChatGPT is Breaking GDPR, Says Noyb

Whale Song Code

Enhancing Financial Security Through Behavioral Biometrics

New UK Smart Device Security Law Comes into Force

Okta Warns Customers of Credential Stuffing Barrage

USN-6735-1: Node.js vulnerabilities

USN-6759-1: FreeRDP vulnerabilities

USN-6757-1: PHP vulnerabilities

USN-6744-3: Pillow vulnerability

USN-6734-2: libvirt vulnerabilities

USN-6733-2: GnuTLS vulnerabilities

USN-6718-3: curl vulnerabilities