MiracleLinux 7 : java-11-openjdk-11.0.7.10-4.el7 (AXSA:2020-011:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-011:04 advisory. OpenJDK: Incorrect bounds checks in NIO Buffers Libraries, 8234841 CVE-2020-2803 OpenJDK: Incorrect type checks in MethodType.readObject Libraries,...

EUVD-2014-7993

Malware in sbrugna...

EUVD-2020-29056

Malware in sbrugna...

Fedora 41 : nginx / nginx-mod-fancyindex / nginx-mod-modsecurity / etc (2025-66ebd291f8)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-66ebd291f8 advisory. Changes with nginx 1.26.3 05 Feb 2025 Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different...

BIT-NODE-MIN-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

CVE-2024-0853 OCSP verification bypass with TLS session reuse

curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapling test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check...

CVE-2024-0853 OCSP verification bypass with TLS session reuse

curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapling test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check...

SUSE CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

CVE-2022-21654

A flaw was found in envoy. When certificate validation settings are changed, incorrect configuration handling allows TLS session reuse without revalidation...

Oracle Linux 8 : nodejs:12 (ELSA-2020-2852)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2852 advisory. - Fix CVE-2020-10531 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

Node.js 12.x < 12.18.0, 14.x < 14.4.0 Host Certificate Verification Bypass Vulnerability - Mac OS X

Node.js is prone to a host certificate verification bypass. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

RHEL 8 : nodejs:12 (RHSA-2020:2852)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2852 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

nodejs: TLS session reuse can lead to hostname verification bypass

A TLS Hostname verification bypass vulnerability exists in NodeJS. This flaw allows an attacker to bypass TLS Hostname verification when a TLS client reuses HTTPS sessions...

RHEL 8 : nodejs:12 (RHSA-2020:2847)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2847 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:1606-1)

This update for nodejs12 fixes the following issues : nodejs12 was updated to version 12.18.0 CVE-2020-8174: Fixed multiple memory corruption in napigetvaluestring bsc1172443. CVE-2020-8172: Fixed am issue where TLS session reuse could have led to host certificate verification bypass bsc1172441...

SUSE-SU-2020:1606-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: nodejs12 was updated to version 12.18.0 - CVE-2020-8174: Fixed multiple memory corruption in napigetvaluestring bsc1172443. - CVE-2020-8172: Fixed am issue where TLS session reuse could have led to host certificate verification bypass bsc117244...

ALPINE-CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

UBUNTU-CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...