Back to bug 2230956
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mauro Matteo Cascella | 2023-08-10 10:14:55 UTC | Blocks | 2230962 | |
| Mauro Matteo Cascella | 2023-08-10 10:16:23 UTC | Depends On | 2230973, 2230974, 2230975, 2230972 | |
| Sandipan Roy | 2023-08-22 07:14:22 UTC | Alias | TRIAGE-CVE-2023-32559 | CVE-2023-32559 |
| Summary | TRIAGE-CVE-2023-32559 nodejs: Permissions policies can be bypassed via process.binding | CVE-2023-32559 nodejs: Permissions policies can be bypassed via process.binding | ||
| Sandipan Roy | 2023-08-22 07:16:06 UTC | Depends On | 2233400, 2233406, 2233398, 2233402, 2233404, 2233407, 2233403, 2233399, 2233397, 2233401 | |
| Sandipan Roy | 2023-08-22 07:51:57 UTC | Doc Text | A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') run arbitrary code, outside of the limits defined in a policy.json file. | |
| RaTasha Tillery-Smith | 2023-08-22 14:14:42 UTC | Doc Text | A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') run arbitrary code, outside of the limits defined in a policy.json file. | A vulnerability was found in NodeJS. This security issue occurs as the use of the deprecated API process.binding() can bypass the policy mechanism by requiring internal modules and eventually take advantage of process.binding('spawn_sync') to run arbitrary code outside of the limits defined in a policy.json file. |
| RHEL Program Management Team | 2023-08-23 16:33:19 UTC | Depends On | 2233897 | |
| RHEL Program Management Team | 2023-08-23 16:33:26 UTC | Depends On | 2233898 | |
| RHEL Program Management Team | 2023-08-24 10:41:04 UTC | Depends On | 2234407 | |
| RHEL Program Management Team | 2023-08-24 10:42:21 UTC | Depends On | 2234412 | |
| RHEL Program Management Team | 2023-08-30 10:29:04 UTC | Depends On | 2236095 | |
| Zuzana Svetlikova | 2023-08-30 10:53:18 UTC | Depends On | 2236100 | |
| RHEL Program Management Team | 2023-08-30 12:39:22 UTC | Depends On | 2236141 | |
| errata-xmlrpc | 2023-09-26 14:50:43 UTC | Link ID | Red Hat Product Errata RHSA-2023:5361 | |
| errata-xmlrpc | 2023-09-26 14:51:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:5363 | |
| errata-xmlrpc | 2023-09-26 14:52:10 UTC | Link ID | Red Hat Product Errata RHSA-2023:5360 | |
| errata-xmlrpc | 2023-09-26 14:58:51 UTC | Link ID | Red Hat Product Errata RHSA-2023:5362 |
Back to bug 2230956