(CVE-2023-32006) Permissions policies can impersonate other modules in using module.constructor.createRequire()

Disclosed: 2023-10-08 16:43:58 By haxatron1 To ibb

Medium

Vulnerability Details

https://nodejs.org/en/blog/vulnerability/august-2023-security-releases#permissions-policies-can-impersonate-other-modules-in-using-moduleconstructorcreaterequire-mediumcve-2023-32006 https://hackerone.com/reports/2043807 Patch was provided about maintainer opted for different approach. ## Impact see reports

Actions

View on HackerOne

Report Stats

Report ID: 2104566
State: Closed
Substate: resolved
Upvotes: 8

(CVE-2023-32006) Permissions policies can impersonate other modules in using module.constructor.createRequire()

Vulnerability Details

Actions

Report Stats

Share this report