SecuritySpace - CVE-2023-39331

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-39331

Description: A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-39331
https://hackerone.com/reports/2092852
https://hackerone.com/reports/2092852

CVE ID:	CVE-2023-39331
Description:	A previously disclosed vulnerability (CVE-2023-30584) was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-39331 https://hackerone.com/reports/2092852 https://hackerone.com/reports/2092852