mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-25 15:13:46 +00:00
12bbce3e6c
The following CVEs are fixed in this release: - CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High) - CVE-2023-30584: Path Traversal Bypass in Experimental Permission Model (High) - CVE-2023-30587: Bypass of Experimental Permission Model via Node.js Inspector (High) - CVE-2023-30582: Inadequate Permission Model Allows Unauthorized File Watching (Medium) - CVE-2023-30583: Bypass of Experimental Permission Model via fs.openAsBlob() (Medium) - CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) - CVE-2023-30586: Bypass of Experimental Permission Model via Arbitrary OpenSSL Engines (Medium) - CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium) - CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium) - CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium) https://github.com/nodejs/node/releases/tag/v20.3.1 |
||
---|---|---|
.. | ||
bloomrpc | ||
bootstrap-studio | ||
bun | ||
cog | ||
cypress | ||
deno | ||
flyctl | ||
function-runner | ||
grails | ||
ihp-new | ||
insomnia | ||
kcgi | ||
kore | ||
lucky-cli | ||
mailcatcher | ||
minify | ||
netlify-cli | ||
newman | ||
nodejs | ||
playwright | ||
playwright-test | ||
pnpm-lock-export | ||
postman | ||
protege-distribution | ||
publii | ||
shopify-cli | ||
shopify-themekit | ||
twitter-bootstrap | ||
valum | ||
wml | ||
woff2 | ||
xmlindent |