Total
160 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12116 | 2 Nodejs, Suse | 4 Node.js, Suse Enterprise Storage, Suse Linux Enterprise Server and 1 more | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server. | |||||
| CVE-2018-7167 | 1 Nodejs | 1 Node.js | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. | |||||
| CVE-2018-7158 | 1 Nodejs | 1 Node.js | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, `splitPathRe`, used within the `'path'` module for the various path parsing functions, including `path.dirname()`, `path.extname()` and `path.parse()` was structured in such a way as to allow an attacker to craft a string, that when passed through one of these functions, could take a significant amount of time to evaluate, potentially leading to a full denial of service. | |||||
| CVE-2018-7164 | 1 Nodejs | 1 Node.js | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour. | |||||
| CVE-2017-3738 | 3 Debian, Nodejs, Openssl | 3 Debian Linux, Node.js, Openssl | 2022-08-19 | 4.3 MEDIUM | 5.9 MEDIUM |
| There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository. | |||||
| CVE-2013-6668 | 3 Debian, Google, Nodejs | 4 Debian Linux, Chrome, V8 and 1 more | 2022-08-16 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2017-3731 | 2 Nodejs, Openssl | 2 Node.js, Openssl | 2022-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k. | |||||
| CVE-2017-1000381 | 2 C-ares Project, Nodejs | 2 C-ares, Node.js | 2022-08-16 | 5.0 MEDIUM | 7.5 HIGH |
| The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. | |||||
| CVE-2017-15896 | 1 Nodejs | 1 Node.js | 2022-08-16 | 6.4 MEDIUM | 9.1 CRITICAL |
| Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption. | |||||
| CVE-2018-7162 | 1 Nodejs | 1 Node.js | 2022-08-16 | 7.8 HIGH | 7.5 HIGH |
| All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpected messages during the handshake. This vulnerability has been addressed by updating the TLS implementation. | |||||
| CVE-2018-7161 | 1 Nodejs | 1 Node.js | 2022-08-16 | 7.8 HIGH | 7.5 HIGH |
| All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available. This has been addressed by updating the http2 implementation. | |||||
| CVE-2020-8172 | 2 Nodejs, Oracle | 5 Node.js, Banking Extensibility Workbench, Blockchain Platform and 2 more | 2022-05-12 | 5.8 MEDIUM | 7.4 HIGH |
| TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. | |||||
| CVE-2020-8174 | 3 Netapp, Nodejs, Oracle | 9 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 6 more | 2022-05-12 | 9.3 HIGH | 8.1 HIGH |
| napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. | |||||
| CVE-2021-22921 | 3 Microsoft, Nodejs, Siemens | 3 Windows, Node.js, Sinec Infrastructure Network Services | 2022-04-06 | 4.4 MEDIUM | 7.8 HIGH |
| Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking. | |||||
| CVE-2016-3956 | 3 Ibm, Nodejs, Npmjs | 3 Sdk, Node.js, Npm | 2021-06-15 | 5.0 MEDIUM | 7.5 HIGH |
| The CLI in npm before 2.15.1 and 3.x before 3.8.3, as used in Node.js 0.10 before 0.10.44, 0.12 before 0.12.13, 4 before 4.4.2, and 5 before 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by reading Authorization headers. | |||||
| CVE-2018-21270 | 1 Nodejs | 1 Node.js | 2021-02-16 | 5.8 MEDIUM | 6.5 MEDIUM |
| Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). | |||||
| CVE-2019-5739 | 2 Nodejs, Opensuse | 2 Node.js, Leap | 2020-10-16 | 5.0 MEDIUM | 7.5 HIGH |
| Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service (DoS) attack vector. Node.js 6.17.0 introduces server.keepAliveTimeout and the 5-second default. | |||||
| CVE-2018-7166 | 1 Nodejs | 1 Node.js | 2020-09-22 | 5.0 MEDIUM | 7.5 HIGH |
| In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `encoding` can be passed as a number, this is misinterpreted by `Buffer's` internal "fill" method as the `start` to a fill operation. This flaw may be abused where `Buffer.alloc()` arguments are derived from user input to return uncleared memory blocks that may contain sensitive information. | |||||
| CVE-2018-12115 | 2 Nodejs, Redhat | 2 Node.js, Openshift Container Platform | 2020-03-20 | 5.0 MEDIUM | 7.5 HIGH |
| In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. | |||||
| CVE-2017-16024 | 2 Nodejs, Sync-exec Project | 2 Node.js, Sync-exec | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. | |||||