jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-09 09:08:46 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
39,789 Commits 67 Branches 878 Tags 2.1 GiB
a20a328a9b
Commit Graph

5 Commits

Author SHA1 Message Date
Antoine du Hamel
69f7583ee5
policy: fix path to URL conversion 
PR-URL: https://github.com/nodejs/node/pull/49133
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
 2023-08-26 05:45:13 +00:00
RafaelGSS
b68e5e7981 policy: handle Module.constructor and main.extensions bypass 
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs-private/node-private/pull/417
Refs: https://hackerone.com/bugs?subject=nodejs&report_id=1960870
Refs: https://hackerone.com/bugs?subject=nodejs&report_id=2043807
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
CVE-ID: CVE-2023-32002,CVE-2023-32006
 2023-08-09 14:33:55 -03:00
RafaelGSS
daaa43ed96 policy: handle mainModule.__proto__ bypass 
PR-URL: https://github.com/nodejs-private/node-private/pull/416
Fixes: https://hackerone.com/bugs?subject=nodejs&report_id=1877919
Reviewed-By: Rich Trott <rtrott@gmail.com>
CVE-ID: CVE-2023-30581
 2023-06-20 17:31:28 -03:00
RafaelGSS
af91400886 policy: makeRequireFunction on mainModule.require 
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>

Co-authored-by: Bradley Farias <bradley.meck@gmail.com>
Refs: https://hackerone.com/bugs?subject=nodejs&report_id=1747642
CVE-ID: CVE-2023-23918
PR-URL: https://github.com/nodejs-private/node-private/pull/358
Reviewed-by: Bradley Farias <bradley.meck@gmail.com>
Reviewed-by: Matteo Collina <matteo.collina@gmail.com>
 2023-02-16 18:49:02 -03:00
Rich Trott
070b54a4ac policy: fix message for invalid manifest specifier 
Add test for invalid manifest specifier and fix the error message
which is missing a space ("singletrailing" instead of
"single trailing").

PR-URL: https://github.com/nodejs/node/pull/40574
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
 2021-10-24 22:41:28 -07:00