Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2014-5256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction...

5CVSS7.7AI score0.03261EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2014-0516)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS9.1AI score0.05428EPSS
Exploits2References6
Veracode
Veracode
added 2019/05/02 5:4 a.m.54 views

Denial Of Service (DoS)

V8 is Google's open source JavaScript engine. It was discovered that V8 did not properly check the stack size limit in certain cases. A remote attacker able to send a request that caused a script executed by V8 to use deep recursion could trigger a stack overflow, leading to a crash of an...

10CVSS6.7AI score0.05428EPSS
Exploits4References14Affected Software171
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.38 views

Security Bulletin: A security vulnerability in Node.js affects the IBM Business Process Manager (BPM) configuration editor (CVE-2014-5256)

Summary IBM Business Process Manager V8.5.5 provides a standalone tool for editing configuration properties files that is called the "IBM BPM Configuration editor." This editor is based on open source Node.js technology. A security vulnerability has been reported for Node.js. Vulnerability Detail...

5CVSS7.2AI score0.03261EPSS
Exploits1Affected Software3
Mageia
Mageia
added 2014/12/09 8:12 p.m.72 views

Updated nodejs package fixes security vulnerabilities

Updated nodejs package fixes security vulnerabilities: A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may trigger a GC and...

7.5CVSS7.3AI score0.05428EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2014/10/30 12:8 p.m.44 views

Moderate: Red Hat Security Advisory: v8314-v8 security update

Updated v8314-v8 packages that fix multiple security issues are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

10CVSS7AI score0.05428EPSS
Exploits4References8
OSV
OSV
added 2014/09/05 5:55 p.m.9 views

CVE-2014-5256

Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30 does not consider the possibility of recursive processing that triggers V8 garbage collection in conjunction with a V8 interrupt, which allows remote attackers to cause a denial of service memory corruption and application crash via deep JSON...

6.9AI score
Exploits0References7
CVE
CVE
added 2014/09/05 5:0 p.m.75 views

CVE-2014-5256

CVE-2014-5256 affects Node.js runtimes using V8 where a memory corruption in recursive parsing of deep JSON objects can be triggered by a V8 interrupt, potentially causing a denial of service via a stack overflow. Affected versions include Node.js 0.8 before 0.8.28 and 0.10 before 0.10.30. Connec...

5CVSS6.9AI score0.03261EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder