CVE-2023-30581 — Vulnetix

CVE-2023-30581 PUBLISHED

EPSS 0.02% · 5.0th percentile

Risk Scores

EPSS Score

0.02%

5.0th percentile

Affected Products

Vendor	Product	Versions
Amazon	nodejs

Exploit Intelligence

The use of __proto__ in process.mainModule.__proto__.require() bypasses the permission system in Node v19.6.1 (hackerone)
The use of __proto__ in process.mainModule.__proto__.require() bypasses the permission system in Node v19.6.1 (hackerone)
The use of __proto__ in process.mainModule.__proto__.require() bypasses the permission system in Node v19.6.1 (hackerone)

Timeline

CVE Published
Jul 20, 2023 PoC Published
Nov 23, 2023 EPSS Score
Dec 23, 2023 EPSS Score
Jan 22, 2024 EPSS Score
Feb 21, 2024 EPSS Score
Mar 22, 2024 EPSS Score
Apr 21, 2024 EPSS Score
May 21, 2024 EPSS Score
Jun 20, 2024 EPSS Score
Jul 20, 2024 EPSS Score
Aug 19, 2024 EPSS Score

References

ALAS2023-2023-237: nodejs (important) advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›