Lucene search

K
cveHackeroneCVE-2020-8265
HistoryJan 06, 2021 - 9:15 p.m.

CVE-2020-8265

2021-01-0621:15:14
CWE-416
hackerone
web.nvd.nist.gov
246
9
cve-2020-8265
node.js
use-after-free bug
tls
security vulnerability
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

High

EPSS

0.005

Percentile

75.9%

Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.

Affected configurations

Nvd
Vulners
Node
nodejsnode.jsRange10.0.010.23.1lts
OR
nodejsnode.jsRange12.0.012.20.1lts
OR
nodejsnode.jsRange14.0.014.15.4lts
OR
nodejsnode.jsRange15.0.015.5.1-
Node
debiandebian_linuxMatch10.0
Node
fedoraprojectfedoraMatch32
OR
fedoraprojectfedoraMatch33
Node
oraclegraalvmMatch19.3.4enterprise
OR
oraclegraalvmMatch20.3.0enterprise
Node
siemenssinec_infrastructure_network_servicesRange<1.0.1.1
VendorProductVersionCPE
nodejsnode.js*cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
nodejsnode.js*cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
fedoraprojectfedora32cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
fedoraprojectfedora33cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
oraclegraalvm19.3.4cpe:2.3:a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*
oraclegraalvm20.3.0cpe:2.3:a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*
siemenssinec_infrastructure_network_services*cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "https://github.com/nodejs/node",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in 10.23.1, 12.20.1, 14.15.4, 15.5.1"
      }
    ]
  }
]

Social References

More

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

High

EPSS

0.005

Percentile

75.9%