10 matches found
K17238: Node.js vulnerability CVE-2015-5380
Security Advisory Description The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows...
Security Bulletin: Current Release of IBM® SDK for Node.js™ in IBM Bluemix is affected by CVE-2015-5380
Summary Denial of service vulnerability caused by an out of bounds write in the V8 JavaScript engine's UTF decoder. Vulnerability Details CVEID: CVE-2015-5380 DESCRIPTION: Google V8, as used in Node.js, is vulnerable to a denial of service that is caused by the failure to verify available memory...
F5 BIG-IP - Node.js vulnerability CVE-2015-5380
The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...
F5 Networks BIG-IP : Node.js vulnerability (SOL17238)
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a deni...
SOL17238 - Node.js vulnerability CVE-2015-5380
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
io.js 'V8 utf-8 decoder' Denial Of Service Vulnerability - Windows
io.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:iojs:io.js"; ifdescripti...
Node.js 'V8 utf-8 decoder' DoS Vulnerability - Windows
Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...
CVE-2015-5380
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a deni...
CVE-2015-5380
CVE-2015-5380 affects Google V8 (as used by Node.js and io.js) where Utf8DecoderBase::WriteUtf16Slow may not verify memory for a UTF-16 surrogate pair. This can enable a remote attacker to trigger denial of service via a crafted byte sequence, potentially causing memory corruption. Affected versi...
FreeBSD : node, iojs, and v8 -- denial of service (864e6f75-2372-11e5-86ff-14dae9d210b8)
node reports : This release of Node.js fixes a bug that triggers an out-of-band write in V8's utf-8 decoder. This bug impacts all Buffer to String conversions. This is an important security update as this bug can be used to cause a denial of service attack. %NASLMINLEVEL 70300 C Tenable Network...