Lucene search
+L

22 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : rh-nodejs12-nodejs-12.18.2-1.el7 (AXSA:2020-219:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-219:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 nodejs-minimist:...

9.3CVSS7.6AI score0.07646EPSS
Exploits4References6
nessus
nessus
added 2023/11/07 12:0 a.m.24 views

Rocky Linux 8 : nodejs:12 (RLSA-2020:2852)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:2852 advisory. - In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a...

9.3CVSS7.6AI score0.07646EPSS
Exploits4References9
nessus
nessus
added 2023/01/23 12:0 a.m.39 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:2895)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2895 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.3CVSS7.8AI score0.07646EPSS
Exploits4References12
ics
ics
added 2022/08/30 12:0 a.m.56 views

Hitachi Energy Gateway Station (GWS) Product

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Gateway Station GWS Product Vulnerability: Inconsistent Interpretation of HTTP Requests, Use After Free, Classic Buffer Overflow, Integer Underflow, Improper Certificate...

4.3CVSS7.9AI score0.04803EPSS
Exploits0References5
ibm
ibm
added 2021/06/08 9:52 p.m.47 views

Security Bulletin: IBM DataPower Monitor is potentially vulnerable to an authentication bypass (CVE-2020-8172)

Summary IBM has addressed the relevant CVE CVE-2020-8172 Vulnerability Details CVEID: CVE-2020-8172 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions. The 'session' event could be emitted before the 'secureConnect' event and possibly allow for the reuse of the TLS...

7.4CVSS2.9AI score0.06065EPSS
Exploits1Affected Software1
ibm
ibm
added 2020/09/30 9:28 a.m.43 views

Security Bulletin: App Connect Enterprise Certified Container is affected by multiple Node.js vulnerabilities

Summary App Connect Enterprise Certified Container is vulnerable to CVE-2020-10531, CVE-2020-11080, CVE-2020-8174, CVE-2020-8172 in Node.js Vulnerability Details CVEID: CVE-2020-11080 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error in the HTTP/2 session frame which i...

9.3CVSS0.9AI score0.07646EPSS
Exploits2Affected Software1
ibm
ibm
added 2020/08/13 1:19 p.m.45 views

Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by a International Components for Unicode (ICU) for C/C++ vulnerability (CVE-2020-10531)

Summary Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in International Components for Unicode ICU for C/C++ Vulnerability Details CVEID: CVE-2020-11080 DESCRIPTION: Node.js is vulnerable to a denial of service, caused by an error in the HTTP/2...

9.3CVSS1.4AI score0.07646EPSS
Exploits2Affected Software1
nessus
nessus
added 2020/08/13 12:0 a.m.51 views

Oracle Linux 8 : nodejs:12 (ELSA-2020-2852)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-2852 advisory. - Fix CVE-2020-10531 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

9.3CVSS7.5AI score0.07646EPSS
Exploits4References5
ibm
ibm
added 2020/08/07 11:11 a.m.70 views

Security Bulletin: Version 10.19.0 of Node.js included in IBM Netcool Operations Insight 1.6.0.x has several security vulnerabilities

Summary Security Bulletin: Version 10.19.0 of Node.js included in IBM Netcool Operations Insight 1.6.0.x has several security vulnerabilities Vulnerability Details CVEID: CVE-2020-8172 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions. The 'session' event could be...

9.3CVSS1.5AI score0.07646EPSS
Exploits2Affected Software1
ibm
ibm
added 2020/08/03 10:56 p.m.58 views

Security Bulletin: Vulnerabilities in Node.js affect IBM Spectrum Protect Plus (CVE-2020-10531, CVE-2020-8172, CVE-2020-8174, CVE-2020-11080)

Summary Node.js is vulnerable to buffer overflows, bypass of security restrictions, and denial of service which may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-10531 DESCRIPTION: International Components for Unicode ICU for C/C++ is vulnerable to a heap-based buffer...

9.3CVSS1.6AI score0.07646EPSS
Exploits2Affected Software1
redhat
redhat
added 2020/07/13 10:51 a.m.86 views

Important: Red Hat Security Advisory: rh-nodejs12-nodejs security update

An update for rh-nodejs12-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.3CVSS7AI score0.07646EPSS
Exploits4References6
redhat
redhat
added 2020/07/07 5:48 p.m.75 views

Important: Red Hat Security Advisory: nodejs:12 security update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.3CVSS7AI score0.07646EPSS
Exploits4References5
redhat
redhat
added 2020/07/07 9:14 a.m.84 views

Important: Red Hat Security Advisory: nodejs:12 security update

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.3CVSS7AI score0.07646EPSS
Exploits4References5
almalinux
almalinux
added 2020/07/07 8:52 a.m.75 views

Important: nodejs:12 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 12.18.2. Security Fixes: nghttp2: overly large SETTINGS frames can lead to DoS...

9.3CVSS7.9AI score0.07646EPSS
Exploits4References5
rocky
rocky
added 2020/07/07 8:52 a.m.42 views

nodejs:12 security update

An update is available for nodejs-nodemon, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform for...

9.3CVSS7.9AI score0.07646EPSS
Exploits4
altlinux
altlinux
added 2020/06/19 12:0 a.m.37 views

Security fix for the ALT Linux 9 package node version 14.4.0-alt1

June 19, 2020 Vitaly Lipatov 14.4.0-alt1 - new version 14.4.0 with rpmrb script - set libicu = 6.5 - set libnghttp2 = 1.41.0 - CVE-2020-8172, CVE-2020-11080, CVE-2020-8174...

9.3CVSS8AI score0.07646EPSS
Exploits2
altlinux
altlinux
added 2020/06/19 12:0 a.m.42 views

Security fix for the ALT Linux 10 package node version 14.4.0-alt1

June 19, 2020 Vitaly Lipatov 14.4.0-alt1 - new version 14.4.0 with rpmrb script - set libicu = 6.5 - set libnghttp2 = 1.41.0 - CVE-2020-8172, CVE-2020-11080, CVE-2020-8174...

9.3CVSS7.1AI score0.07646EPSS
Exploits2
redhatcve
redhatcve
added 2020/06/08 7:24 p.m.36 views

CVE-2020-8172

A TLS Hostname verification bypass vulnerability exists in NodeJS. This flaw allows an attacker to bypass TLS Hostname verification when a TLS client reuses HTTPS sessions...

5.8CVSS1.8AI score0.06065EPSS
Exploits1References3
nvd
nvd
added 2020/06/08 2:15 p.m.25 views

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

7.4CVSS7.5AI score0.06065EPSS
Exploits1References9
cvelist
cvelist
added 2020/06/08 1:8 p.m.30 views

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version 12.18.0 and 14.4.0...

7.5AI score0.06065EPSS
Exploits1References9
Rows per page
Query Builder