What is RHSA-2023:1583?

RHSA-2023:1583 is a security advisory published by Red Hat Product Security with Medium severity. Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update

What is the CVSS v3 score of RHSA-2023:1583?

RHSA-2023:1583 has a CVSS v3 base score of 7.5, published by Red Hat Product Security.

RHSA-2023:1583MediumCVSS 7.5

Red Hat Security Advisory: nodejs:18 security, bug fix, and enhancement update

Vendor

Red Hat Product Security

Published

April 4, 2023

Last Modified

June 3, 2026

🔗 CVE IDs covered (7)

CVE-2023-24807 →CVE-2021-35065 →CVE-2022-25881 →CVE-2023-23918 →CVE-2023-23919 →CVE-2023-23920 →CVE-2023-23936 →

📋 Description

CVE-2021-35065 — glob-parent: Regular Expression Denial of Service CVE-2022-25881 — http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability CVE-2023-23918 — Node.js: Permissions policies can be bypassed via process.mainModule CVE-2023-23919 — Node.js: OpenSSL error handling issues in nodejs crypto library CVE-2023-23920 — Node.js: insecure loading of ICU data through ICU_DATA environment variable CVE-2023-23936 — Node.js: Fetch API did not protect against CRLF injection in host headers CVE-2023-24807 — Node.js: Regular Expression Denial of Service in Headers fetch API

🔗 References (10)

selfhttps://access.redhat.com/errata/RHSA-2023:1583
externalhttps://access.redhat.com/security/updates/classification/#moderate
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2156324
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2165824
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2171935
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2172190
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2172204
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2172217
externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2178087
selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1583.json