Lucene search
K

10 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.36 views

K17238: Node.js vulnerability CVE-2015-5380

Security Advisory Description The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows...

7.5CVSS8.4AI score0.02995EPSS
Exploits0Affected Software16
IBM Security Bulletins
IBM Security Bulletins
added 2018/08/09 4:20 a.m.29 views

Security Bulletin: Current Release of IBM® SDK for Node.js™ in IBM Bluemix is affected by CVE-2015-5380

Summary Denial of service vulnerability caused by an out of bounds write in the V8 JavaScript engine's UTF decoder. Vulnerability Details CVEID: CVE-2015-5380 DESCRIPTION: Google V8, as used in Node.js, is vulnerable to a denial of service that is caused by the failure to verify available memory...

7.5CVSS1.5AI score0.02995EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/09/18 12:0 a.m.20 views

F5 BIG-IP - Node.js vulnerability CVE-2015-5380

The remote host is missing a security patch. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/h:f5:big-ip"; if description...

7.5CVSS8.2AI score0.02995EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/09 12:0 a.m.43 views

F5 Networks BIG-IP : Node.js vulnerability (SOL17238)

The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a deni...

7.5CVSS7.9AI score0.02995EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2015/09/08 12:0 a.m.34 views

SOL17238 - Node.js vulnerability CVE-2015-5380

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.7AI score0.02995EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/08/04 12:0 a.m.27 views

io.js 'V8 utf-8 decoder' Denial Of Service Vulnerability - Windows

io.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:iojs:io.js"; ifdescripti...

7.5CVSS9.2AI score0.02995EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/08/04 12:0 a.m.33 views

Node.js 'V8 utf-8 decoder' DoS Vulnerability - Windows

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

7.5CVSS9.2AI score0.02995EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/07/09 10:59 a.m.24 views

CVE-2015-5380

The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a deni...

7.5CVSS7.2AI score0.02995EPSS
Exploits0References6
CVE
CVE
added 2015/07/09 10:0 a.m.75 views

CVE-2015-5380

CVE-2015-5380 affects Google V8 (as used by Node.js and io.js) where Utf8DecoderBase::WriteUtf16Slow may not verify memory for a UTF-16 surrogate pair. This can enable a remote attacker to trigger denial of service via a crafted byte sequence, potentially causing memory corruption. Affected versi...

7.5CVSS9.4AI score0.02995EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/07/06 12:0 a.m.23 views

FreeBSD : node, iojs, and v8 -- denial of service (864e6f75-2372-11e5-86ff-14dae9d210b8)

node reports : This release of Node.js fixes a bug that triggers an out-of-band write in V8's utf-8 decoder. This bug impacts all Buffer to String conversions. This is an important security update as this bug can be used to cause a denial of service attack. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS7.9AI score0.02995EPSS
Exploits0References6
Rows per page
Query Builder