Lucene search
+L

14 matches found

RedHat Linux
RedHat Linux
added 3 days ago8 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 4 days ago11 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 2:47 p.m.5 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS7AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 5:32 a.m.7 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS5.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:52 a.m.8 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS7AI score0.02486EPSS
Exploits0References5
OSV
OSV
added 2026/06/29 5:48 a.m.8 views

BIT-NODE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS7.1AI score0.02486EPSS
Exploits0References15
OSV
OSV
added 2026/06/26 2:16 a.m.7 views

ALPINE-CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

6.5CVSS7.1AI score0.02486EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 1:14 a.m.3 views

CVE-2026-48618

A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat. This can lead to confidentiality impact or bypass of the intended security boundary under...

7.7CVSS7.1AI score0.02486EPSS
Exploits0References17
RedHat Linux
RedHat Linux
added 2026/06/25 11:4 p.m.3 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/24 11:59 a.m.3 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/24 3:33 a.m.3 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
Hacker One
Hacker One
added 2026/04/21 10:11 p.m.8 views

Node.js: Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass due to resolver and verifier hostname normalization mismat

Vulnerability description not provided...

7.7CVSS5.8AI score0.02486EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/21 5:31 p.m.3 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/10 1:3 p.m.2 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS6.9AI score0.02486EPSS
Exploits0References5
Rows per page
Query Builder