nodejs 缓冲区错误漏洞

nodejs is a JavaScript runtime environment based on the ChromeV8 engine by wrapping the Chromev8 engine and the use of event-driven and non-blocking IO applications to make the development of high-performance Javascript background applications possible. A buffer error vulnerability exists in...

CVE-2021-33205

Western Digital EdgeRover before 0.25 has an escalation of privileges vulnerability where a low privileged user could load malicious content into directories with higher privileges, because of how Node.js is used. An attacker can gain admin privileges and carry out malicious activities such as...

DEBIAN-CVE-2021-33587

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input...

CVE-2021-32573

The express-cart package through 1.1.10 for Node.js allows Reflected XSS for an admin via a user input field for product options. NOTE: the vendor states that this "would rely on an admin hacking his/her own website...

express-cart 跨站脚本漏洞

express-cart is a shopping cart module for use in Node.js. A cross-site scripting vulnerability exists in express-cart version 1.1.10. An attacker can exploit this vulnerability to obtain sensitive information...

nodejs: DNS rebinding in --inspect

A flaw was found in nodejs. A denial of service is possible when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS over the network. If the attacker controls the victim's DNS server or can spoof its response...

Arbitrary Command Injection

Overview ffmpegdotjs is a FFMPEG module for nodejs Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the...

c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and...

nodejs: use-after-free in the TLS implementation

A flaw was found in nodejs. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResu...

DEBIAN-CVE-2020-8277

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and...

DEBIAN-CVE-2020-8201

Node.js 12.18.4 and 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture ...

nodejs: TLS session reuse can lead to hostname verification bypass

A TLS Hostname verification bypass vulnerability exists in NodeJS. This flaw allows an attacker to bypass TLS Hostname verification when a TLS client reuses HTTPS sessions...

keycloak: verify-token-audience support is missing in the NodeJS adapter

A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions...

bcrypt encryption problem vulnerability

bcrypt is a library used in Node.js for encrypting passwords. An encryption issue vulnerability exists in versions of bcrypt prior to 5.0.0. The vulnerability stems from a networked system or product that does not properly use the relevant cryptographic algorithm, resulting in content that is not...

Confinit Input Validation Error Vulnerability

confinit is an application configuration package for Node.Js. Confinit is vulnerable to an input validation error. The vulnerability stems from a network system or product that does not properly validate input data. Detailed vulnerability details are not available at this time...

npmjs-url-parse: Improper validation of protocol of the returned URL

An input validation flaw exists in the node.js-url-parse, which results in the URL being incorrectly set to the document location protocol instead of the URL being passed as an argument. An attacker could use this flaw to bypass security checks on URLs...

Druva inSync Client Arbitrary NodeJS Code Execution Vulnerability

Druva inSync Client is a lightweight application for managing data backups and allowing collaboration with other users. An arbitrary NodeJS code execution vulnerability exists in Druva inSync Client 6.5.0. The vulnerability stems from improper input validation. A locally authenticated attacker ca...

Command Injection

Overview docker-compose-remote-api is a Connection interface between docker-compose and the Docker Remote API. Affected versions of this package are vulnerable to Command Injection. Within index.js of the package, the function execserviceName, cmd, fnStdout, fnStderr, fnExit uses the variable...

nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string

An encoding error flaw exists in the Node.js code that is used to read a peer certificate in the TLS client authentication. An attacker can use this flaw to crash the process used to handle TLS client authentication...

nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string

An encoding error flaw exists in the Node.js code that is used to read a peer certificate in the TLS client authentication. An attacker can use this flaw to crash the process used to handle TLS client authentication...