(CVE-2023-32004) Permission model bypass by specifying a path traversal sequence in a Buffer

Disclosed: 2023-10-07 18:45:48 By haxatron1 To ibb

High

Vulnerability Details

https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permission-model-bypass-by-specifying-a-path-traversal-sequence-in-a-buffer-highcve-2023-32004 https://hackerone.com/reports/2038134 Also, patch was provided in the report and matched https://github.com/nodejs/node/commit/1f64147eb607f82060e08884f993597774c69280 (excluding tests). ## Impact see reports.

Actions

View on HackerOne

Report Stats

Report ID: 2104564
State: Closed
Substate: resolved
Upvotes: 3

(CVE-2023-32004) Permission model bypass by specifying a path traversal sequence in a Buffer

Vulnerability Details

Actions

Report Stats

Share this report