25 matches found
EUVD-2018-18909
Malware in sbrugna...
Ubuntu 16.04 ESM / 18.04 ESM : Node.js vulnerabilities (USN-4796-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4796-1 advisory. Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An...
K000137093: Node.js vulnerabilities CVE-2018-7167, CVE-2018-12115, and CVE-2018-12116
Security Advisory Description CVE-2018-7167 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instea...
Ubuntu: Security Advisory (USN-4796-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1892-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4796-1: Node.js vulnerabilities
Alexander Minozhenko and James Bunton discovered that Node.js did not properly handle wildcards in name fields of X.509 TLS certificates. An attacker could use this vulnerability to execute a machine-in-the-middle- attack. This issue only affected Ubuntu 14.04 ESM and 16.04 ESM. CVE-2016-7099 It...
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2018:1918-1)
This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed : - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the http...
SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2018:1892-1)
This update for nodejs6 to version 6.14.3 fixes the following issues: The following security vulnerability was addressed : - Fixed a denial of service DoS vulnerability in Buffer.fill, which could hang when being called CVE-2018-7167, bsc1097375. The following other changes were made : - Use...
openSUSE Security Update : nodejs8 (openSUSE-2018-724)
This update for nodejs8 to version 8.11.3 fixes the following issues : These security issues were fixed : - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the htt...
openSUSE Security Update : nodejs6 (openSUSE-2018-723)
This update for nodejs6 to version 6.14.3 fixes the following issues : The following security vulnerability was addressed : - Fixed a denial of service DoS vulnerability in Buffer.fill, which could hang when being called CVE-2018-7167, bsc1097375. The following other changes were made : - Use...
Security update for nodejs8 (moderate)
This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed: - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the http2...
Security update for nodejs6 (moderate)
This update for nodejs6 to version 6.14.3 fixes the following issues: The following security vulnerability was addressed: - Fixed a denial of service DoS vulnerability in Buffer.fill, which could hang when being called CVE-2018-7167, bsc1097375. The following other changes were made: - Use absolu...
openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2018:1962-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Denial Of Service (DoS)
node is vulnerable to denial of service DoS attacks. A malicious user can call the Buffer.fill or Buffer.alloc function to cause the application to hang, leading to a denial of service...
CVE-2018-7167
It was found that the Buffer.fill and Buffer.alloc function may hang. An attacker able to control the input of these function could use this flaw to cause a denial of service...
CVE-2018-7167
Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...
CVE-2018-7167
Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...
CVE-2018-7167
Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...
Cross site scripting
Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...
CVE-2018-7167
Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instead of hanging in these cases. All versions of...