{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:12:19.335","vulnerabilities":[{"cve":{"id":"CVE-2023-30584","sourceIdentifier":"support@hackerone.com","published":"2024-09-07T16:15:02.167","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been discovered in Node.js version 20, specifically within the experimental permission model. This flaw relates to improper handling of path traversal bypass when verifying file permissions.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js."},{"lang":"es","value":"Se ha descubierto una vulnerabilidad en la versión 20 de Node.js, específicamente en el modelo de permisos experimental. Esta falla está relacionada con el manejo inadecuado de la omisión de la ruta de acceso al verificar los permisos de los archivos. Tenga en cuenta que, en el momento en que se emitió esta CVE, el modelo de permisos era una característica experimental de Node.js."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":5.2}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://nodejs.org/en/blog/vulnerability/june-2023-security-releases","source":"support@hackerone.com"},{"url":"https://security.netapp.com/advisory/ntap-20241108-0005/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}