CVE-2023-23920

Publication date

2023-02-23 00:00:00

Family

hackerone

State

PUBLISHED

Description

An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.