Node.js 18.x < 18.18.2 / 20.x < 20.8.1 多个漏洞(2023 年 10 月 13 日星期五安全版本)。

critical Nessus 插件 ID 183390

版本 1.4

Oct 26, 2023, 4:21 PM

  • CVSS metrics ("CVSSv2 score" changed from 4.0 to 10.0. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from 3.5 to 9.8. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H")
  • CVSSv2 score source (changed from "CVE-2023-45143" to "CVE-2023-39332")
  • CVSSv2 severity (based on CVE-2023-39332, severity increased from "Medium" to "High")
  • CVSSv3 severity (based on None, severity increased from "Low" to "High")

Plugin Feed: 202310261621