Lucene search

CVE-2019-15604

🗓️ 07 Feb 2020 15:11:15Reported by hackeroneType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 238 Views

Improper Certificate Validation in Node.js 10, 12, and 13 causing process abor

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 95
Hacker One	Node.js: Remotely trigger an assertion on a TLS server with a malformed certificate string	26 Nov 201916:10	–	hackerone
Cvelist	CVE-2019-15604	7 Feb 202014:57	–	cvelist
OSV	CVE-2019-15604	7 Feb 202015:15	–	osv
OSV	RHSA-2020:0598 Red Hat Security Advisory: nodejs:12 security update	13 Sep 202416:16	–	osv
OSV	Important: nodejs:12 security update	25 Feb 202013:06	–	osv
OSV	Important: nodejs:12 security update	25 Feb 202013:06	–	osv
OSV	RHSA-2020:0579 Red Hat Security Advisory: nodejs:10 security update	13 Sep 202416:16	–	osv
OSV	Important: nodejs:10 security update	25 Feb 202007:57	–	osv
OSV	Important: nodejs:10 security update	25 Feb 202007:57	–	osv
OSV	RHSA-2020:0602 Red Hat Security Advisory: rh-nodejs12-nodejs security update	13 Sep 202416:15	–	osv

Nvd

Vulners

Node

nodejs node.jsRange10.0.0–10.19.0lts

nodejs node.jsRange12.0.0–12.15.0lts

nodejs node.jsRange13.0.0–13.8.0-

Node

debian debian_linuxMatch10.0

Node

opensuse leapMatch15.1

Node

redhat software_collectionsMatch1.0

redhat enterprise_linuxMatch8.0-

redhat enterprise_linux_eusMatch8.1

redhat enterprise_linux_eusMatch8.2

redhat enterprise_linux_eusMatch8.4

redhat enterprise_linux_eusMatch8.6

redhat enterprise_linux_server_ausMatch8.2

redhat enterprise_linux_server_ausMatch8.4

redhat enterprise_linux_server_ausMatch8.6

redhat enterprise_linux_server_tusMatch8.2

redhat enterprise_linux_server_tusMatch8.4

redhat enterprise_linux_server_tusMatch8.6

Node

oracle communications_cloud_native_core_network_function_cloud_native_environmentMatch1.4.0

oracle graalvmMatch19.3.1enterprise

oracle graalvmMatch20.0.0enterprise

[
  {
    "product": "https://github.com/nodejs/node",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "10.19.0, 12.15.0, 13.8.0"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com//security-alerts/cpujul2021.html
access	www.access.redhat.com/errata/RHSA-2020:0598
access	www.access.redhat.com/errata/RHSA-2020:0602
nodejs	www.nodejs.org/en/blog/release/v12.15.0/
access	www.access.redhat.com/errata/RHSA-2020:0573
lists	www.lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html
debian	www.debian.org/security/2020/dsa-4669
access	www.access.redhat.com/errata/RHSA-2020:0579
nodejs	www.nodejs.org/en/blog/vulnerability/february-2020-security-releases/
access	www.access.redhat.com/errata/RHSA-2020:0597

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

07 Feb 2020 15:15Current

8.2High risk

Vulners AI Score8.2

CVSS25

CVSS37.5

EPSS0.04722

CWE-295