SecuritySpace - CVE-2023-30581

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-30581

Description: The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-30581
https://nodejs.org/en/blog/vulnerability/june-2023-security-releases
https://nodejs.org/en/blog/vulnerability/june-2023-security-releases

CVE ID:	CVE-2023-30581
Description:	The use of __proto__ in process.mainModule.__proto__.require() can bypass the policy mechanism and require modules outside of the policy.json definition. This vulnerability affects all users using the experimental policy mechanism in all active release lines: v16, v18 and, v20. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-30581 https://nodejs.org/en/blog/vulnerability/june-2023-security-releases https://nodejs.org/en/blog/vulnerability/june-2023-security-releases