VYPR

apk package

wolfi/nodejs-19

pkg:apk/wolfi/nodejs-19

Vulnerabilities (6)

  • CVE-2024-24806Feb 7, 2024
    affected < 19.9.0-r6fixed 19.9.0-r6

    libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be ex

  • CVE-2023-39331Oct 18, 2023
    affected < 0fixed 0

    A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined impl

  • CVE-2023-39332Oct 18, 2023
    affected < 0fixed 0

    Various `node:fs` functions allow specifying paths as either strings or `Uint8Array` objects. In Node.js environments, the `Buffer` class extends the `Uint8Array` class. Node.js prevents path traversal through strings (see CVE-2023-30584) and `Buffer` objects (see CVE-2023-32004)

  • CVE-2023-44487HigKEVOct 10, 2023
    affected < 0fixed 0

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2023-32003Aug 15, 2023
    affected < 0fixed 0

    `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory. This vulnerability affects

  • CVE-2023-32004Aug 15, 2023
    affected < 0fixed 0

    A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of Buffers in file system APIs causing a traversal path to bypass when verifying file permissions. This vulnerability affects