- Latest cybersecurity news and CVE details

Node.js

CVE-2023-23919: Node.js OpenSSL Error Stack Not Cleared, Leading To False Positive Errors and Potential Denial Of Service
A newly discovered cryptographic vulnerability, identified as CVE-2023-23919, affects certain Node.js versions. Specifically, this vulnerability impacts Node.js versions<19.2., <18.14.1, <16.19.1, and <14.21.3. This security issue arises due to a failure to clear the OpenSSL error stack after several operations, which can lead to false positive errors and potentially cause a Denial of Service (DoS) attack. The Problem The issue stems from the fact that in some cases, Node.js does not adequat
Episode
00:00:00 00:00:00