8 matches found
BELL-CVE-2025-27209 CVE-2025-27209 does not affect BellSoft software
Bulletin has no description...
CVE-2025-27209
A flaw was found in nodejs. The V8 component’s rapidhash implementation introduces a HashDoS vulnerability, allowing an attacker who can control the strings being hashed to trigger excessive CPU usage by generating numerous hash collisions. This exploitation vector results in an application level...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
Node.js 24.x < 24.4.1 HashDoS Vulnerability - Mac OS X
Node.js is prone to a HashDoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
Node.js 24.x < 24.4.1 HashDoS Vulnerability - Windows
Node.js is prone to a HashDoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
CVE-2025-27209
creationtimestamp| type| source ---|---|--- 2025-07-16 20:41:28+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lu4bpfj2nk24 2025-07-16 20:48:52+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lu4c4i4mu224 2025-07-18 01:20:47+00:00| seen|...
Node.js 20.x < 20.19.4 / 22.x < 22.17.1 / 24.x < 24.4.1 Multiple Vulnerabilities (Tuesday, July 15, 2025 Security Releases).
The version of Node.js installed on the remote host is prior to 20.19.4, 22.17.1, 24.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, July 15, 2025 Security Releases advisory. - The V8 release used in Node.js v24.0.0 has changed how string hashes are...