Vulnerabilities > Nodejs > Node JS > 20.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-01 | CVE-2023-30586 | Missing Authorization vulnerability in Nodejs Node.Js A privilege escalation vulnerability exists in Node.js 20 that allowed loading arbitrary OpenSSL engines when the experimental permission model is enabled, which can bypass and/or disable the permission model. | 7.5 |
| 2023-07-01 | CVE-2023-30589 | The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. | 7.5 |