Lucene search
K

8 matches found

Node.js
Node.js
added 2021/05/07 4:48 p.m.344 views

Uncontrolled Resource Consumption in json-bigint

Overview Prototype pollution in json-bigint package 1.0.0 may lead to a denial-of-service DoS attack. Recommendation Upgrade to version 1.0.0 or later References - CVE - GitHub Advisory...

5CVSS4.9AI score0.01708EPSS
Exploits1Affected Software1
vulnersOsv
vulnersOsv
added 2021/05/07 4:47 p.m.4 views

0chain (>=1.0.1 <=1.3.14), 20scoops-localizer (>=1.0.0 <=1.2.8) +3058 more potentially affected by CVE-2020-8237 via json-bigint (>=0.1.4 <=0.4.0)

json-bigint NPM version =0.1.4, =1.0.1, =1.0.0, =2.0.0, =0.1.0, =1.0.0, =1.0.24, =1.5.4, =1.9.6, =1.1.0, =1.4.1, =0.0.1, =0.0.14, =0.0.14, =0.0.13, =0.0.14, =0.0.16 and more Source cves: CVE-2020-8237 Source advisory: OSV:GHSA-WGFQ-7857-4JCC...

7.5CVSS7AI score0.01708EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/12/17 7:42 p.m.106 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update

Updated images are now available for Red Hat OpenShift Container Storage 4.6.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS6.8AI score0.0473EPSS
Exploits2References88
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/15 1:19 p.m.24 views

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to buffer overflows, Denial of Service or HTTP request smuggling

Summary App Connect Enterprise Certified Container when running Desginer flows may be vulnerable to Denial of Service via to CVE-2020-8237, HTTP request smuggling via CVE-2020-8201 or buffer overflows via CVE-2020-8252. Vulnerability Details CVEID: CVE-2020-8237 DESCRIPTION: Node.js json-bigint...

7.8CVSS1.2AI score0.05093EPSS
Exploits1Affected Software1
NVD
NVD
added 2020/09/18 9:15 p.m.14 views

CVE-2020-8237

Prototype pollution in json-bigint npm package 1.0.0 may lead to a denial-of-service DoS attack...

7.5CVSS0.01708EPSS
Exploits1References1
OSV
OSV
added 2020/09/18 9:15 p.m.18 views

CVE-2020-8237

Prototype pollution in json-bigint npm package 1.0.0 may lead to a denial-of-service DoS attack...

7.5CVSS6.4AI score
Exploits0References1
Cvelist
Cvelist
added 2020/09/18 8:12 p.m.26 views

CVE-2020-8237

Prototype pollution in json-bigint npm package 1.0.0 may lead to a denial-of-service DoS attack...

7.3AI score0.01708EPSS
Exploits1References1
CVE
CVE
added 2020/09/18 8:12 p.m.79 views

CVE-2020-8237

CVE-2020-8237 describes a DoS via prototype pollution in the json-bigint npm package (

7.5CVSS7.2AI score0.01708EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder