{"uuid": "de45583d-42cd-40f1-86c2-a88583771b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32002", "type": "seen", "source": "https://t.me/cibsecurity/68899", "content": "\u203c CVE-2023-32002 \u203c\n\nThe use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:15.000000Z"}