SecuritySpace - CVE-2023-32002

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-32002

Description: The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-32002
https://hackerone.com/reports/1960870
https://hackerone.com/reports/1960870

CVE ID:	CVE-2023-32002
Description:	The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-32002 https://hackerone.com/reports/1960870 https://hackerone.com/reports/1960870