Lucene search
K

4 matches found

ALT Linux
ALT Linux
added 2020/09/16 12:0 a.m.47 views

Security fix for the ALT Linux 10 package node version 14.11.0-alt1

Sept. 16, 2020 Vitaly Lipatov 14.11.0-alt1 - new version 14.11.0 with rpmrb script - CVE-2020-8251: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests Critical - CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion High...

5.8CVSS7.7AI score0.08794EPSS
Exploits0
ALT Linux
ALT Linux
added 2020/09/16 12:0 a.m.42 views

Security fix for the ALT Linux 9 package node version 14.11.0-alt1

Sept. 16, 2020 Vitaly Lipatov 14.11.0-alt1 - new version 14.11.0 with rpmrb script - CVE-2020-8251: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests Critical - CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion High...

5.8CVSS7.7AI score0.08794EPSS
Exploits0
FreeBSD
FreeBSD
added 2020/09/08 12:0 a.m.52 views

Node.js -- September 2020 Security Releases

Node.js reports: Updates are now available for v10,x, v12.x and v14.x Node.js release lines for the following issues. HTTP Request Smuggling due to CR-to-Hyphen conversion High CVE-2020-8201 Affected Node.js versions converted carriage returns in HTTP request headers to a hyphen before parsing...

7.8CVSS1.5AI score0.08794EPSS
Exploits0References1
Hacker One
Hacker One
added 2020/07/13 2:57 p.m.70 views

Node.js: HTTP Request Smuggling due to CR-to-Hyphen conversion

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! Summary: add summary of the vulnerabili...

5.8CVSS7.6AI score0.05093EPSS
Exploits0
Rows per page
Query Builder