It was discovered that Node.js incorrectly handled the use of invalid public
keys while creating an x509 certificate. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker could
possibly use this issue to cause a denial of service. This issue only affected
Ubuntu 23.10. (CVE-2023-30588)
It was discovered that Node.js incorrectly handled the use of CRLF sequences to
delimit HTTP requests. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to obtain unauthorised access. This issue only affected
Ubuntu 23.10. (CVE-2023-30589)
It was discovered that Node.js incorrectly described the generateKeys()
function in the documentation. This inconsistency could possibly lead to
security issues in applications that use these APIs.
(CVE-2023-30590)
More Stories
nodejs20-20.18.2-2.fc42
FEDORA-2025-8e0ecb9bb6 Packages in this update: nodejs20-20.18.2-2.fc42 Update description: Automatic update for nodejs20-20.18.2-2.fc42. Changelog * Thu Jan 23 2025 Andrei Radchenko...
rust-routinator-0.14.1-2.el9
FEDORA-EPEL-2025-f34b49ec4b Packages in this update: rust-routinator-0.14.1-2.el9 Update description: New ASPA support is now always compiled in and available if enable-aspa...
rust-routinator-0.14.1-2.fc41
FEDORA-2025-bbabead4d7 Packages in this update: rust-routinator-0.14.1-2.fc41 Update description: New ASPA support is now always compiled in and available if enable-aspa...
rust-routinator-0.14.1-2.fc40
FEDORA-2025-46db4ee37e Packages in this update: rust-routinator-0.14.1-2.fc40 Update description: New ASPA support is now always compiled in and available if enable-aspa...
USN-7227-1: PCL vulnerability
It was discovered that PCL incorrectly handled certain malformed files. If a user or automated system were tricked into opening...
easy-rsa-3.2.1-2.el8
FEDORA-EPEL-2025-750a988e70 Packages in this update: easy-rsa-3.2.1-2.el8 Update description: 3.2.1 Read More