Lucene search
K

7 matches found

F5 Networks
F5 Networks
added 2023/09/20 5:42 p.m.45 views

K000136924: Node.JS vulnerabilities CVE-2018-7158, CVE-2018-7164, and CVE-2018-7166

Security Advisory Description CVE-2018-7158 The 'path' module in the Node.js 4.x release line contains a potential regular expression denial of service ReDoS vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The...

7.5CVSS7.5AI score0.06411EPSS
Exploits0
CBLMariner
CBLMariner
added 2021/08/11 6:39 a.m.30 views

CVE-2018-7164 affecting package nodejs 8.11.4-7

CVE-2018-7164 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.4AI score0.06411EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/11/14 12:0 a.m.34 views

Node.js multiple vulnerabilities (July 2018 Security Releases).

The version of Node.js installed on the remote host is 6.x prior to 6.14.3, 8.x prior to 8.11.3, 9.x prior to 9.11.2 or 10.x prior to 10.4.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...

7.8CVSS7.3AI score0.10782EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/26 6:40 p.m.41 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private and IBM Cloud Private Cloud Foundry (CVE-2018-7167, CVE-2018-7164, CVE-2018-7162, CVE-2018-1000168, CVE-2018-7161)

Summary IBM Cloud Private and IBM Cloud Private Cloud Foundry are vulnerable to multiple security vulnerabilities Vulnerability Details CVEID: CVE-2018-7167 DESCRIPTION: Node.js is vulnerable to a denial of service. By invoking Buffer.fill or Buffer.alloc , a remote attacker could exploit this...

7.8CVSS0.6AI score0.10782EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/07/10 12:0 a.m.20 views

Node.js Denial-of-Service Vulnerability - 04 - Mac OS X

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

7.5CVSS7.4AI score0.06411EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.21 views

Node.js DoS Vulnerability - 04 - Windows

Node.js is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

7.5CVSS7.4AI score0.06411EPSS
Exploits0References1
CVE
CVE
added 2018/06/13 4:0 p.m.82 views

CVE-2018-7164

CVE-2018-7164 affects Node.js 9.7.0+ and 10.x. The issue is a memory-exhaustion vulnerability introduced when reading from the network into JavaScript via the net.Socket object used as a stream, enabling a denial of service by sending tiny chunks in rapid succession. The behavior was reverted to ...

7.5CVSS7.1AI score0.06411EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder