What is RHSA-2023:5533?

RHSA-2023:5533 is a security advisory published by Red Hat Product Security with High severity. Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

What is the CVSS v3 score of RHSA-2023:5533?

RHSA-2023:5533 has a CVSS v3 base score of 8.8, published by Red Hat Product Security.

RHSA-2023:5533HighCVSS 8.8

Red Hat Security Advisory: nodejs security, bug fix, and enhancement update

Vendor

Red Hat Product Security

Published

October 9, 2023

Last Modified

June 3, 2026

🔗 CVE IDs covered (12)

CVE-2023-30589 →CVE-2023-32002 →CVE-2023-30588 →CVE-2023-30590 →CVE-2023-32006 →CVE-2023-32559 →CVE-2022-4904 →CVE-2022-25881 →CVE-2023-23920 →CVE-2023-23936 →CVE-2023-24807 →CVE-2023-30581 →

📋 Description

CVE-2022-4904 — c-ares: buffer overflow in config_sortlist() due to missing string length check CVE-2022-25881 — http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability CVE-2023-23920 — Node.js: insecure loading of ICU data through ICU_DATA environment variable CVE-2023-23936 — Node.js: Fetch API did not protect against CRLF injection in host headers CVE-2023-24807 — Node.js: Regular Expression Denial of Service in Headers fetch API CVE-2023-30581 — nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30588 — nodejs: process interuption due to invalid Public Key information in x509 certificates CVE-2023-30589 — nodejs: HTTP Request Smuggling via Empty headers separated by CR CVE-2023-30590 — nodejs: DiffieHellman do not generate keys after setting a private key CVE-2023-32002 — nodejs: Permissions policies can be bypassed via Module._load CVE-2023-32006 — nodejs: Permissions policies can impersonate other modules in using module.constructor.createRequire() CVE-2023-32559 — nodejs: Permissions policies can be bypassed via process.binding

🔗 CVE IDs covered (12)

📋 Description

🔗 References (18)