Lucene search
K

55 matches found

CBLMariner
CBLMariner
added 2024/03/14 10:34 p.m.108 views

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3. A patched version of the package is available...

7.5CVSS7.3AI score0.54164EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.35 views

Rocky Linux 8 : nodejs:14 (RLSA-2021:0551)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0551 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits6References15
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.40 views

Rocky Linux 8 : nodejs:12 (RLSA-2020:5499)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:5499 advisory. - An issue was discovered in ajv.validate in Ajv aka Another JSON Schema Validator 6.12.2. A carefully crafted JSON schema could be provided that allows...

9.8CVSS7.4AI score0.69062EPSS
Exploits2References8
OSV
OSV
added 2023/08/31 12:16 p.m.1 views

BELL-CVE-2020-8277 CVE-2020-8277 does not affect BellSoft software

Bulletin has no description...

7.5CVSS7.3AI score0.54164EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.55 views

K07944249: Node.js vulnerability CVE-2020-8277

Security Advisory Description A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is...

7.5CVSS7.8AI score0.54164EPSS
Exploits0Affected Software15
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.56 views

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:5305)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5305 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

9.8CVSS7.2AI score0.69062EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/07 6:16 p.m.38 views

Security Bulletin: Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251, CVE-2020-8277)

Summary Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities. Vulnerability Details CVEID: CVE-2020-8201 DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially crafted HTTP request headers, an attack...

7.8CVSS0.9AI score0.54164EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/07/12 12:0 a.m.412 views

F5 Networks BIG-IP : Node.js vulnerability (K07944249)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.4 / 15.1.4.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K07944249 advisory. - A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could...

7.5CVSS7.6AI score0.54164EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2021:0061-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.54164EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2020:3549-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.54164EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:0062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7AI score0.54164EPSS
Exploits6References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/04/29 11:10 a.m.41 views

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to a denial of service attack through a DNS lookup that returns a large number of responses (CVE-2020-8277)

Summary An App Connect Enterprise flow could trigger a denial of service if made to resolve a DNS lookup for an endpoint that returns a large number of responses Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to...

7.5CVSS1.4AI score0.54164EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2021/04/16 12:0 a.m.31 views

openSUSE: Security Advisory for nodejs14 (openSUSE-SU-2021:0066-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.9AI score0.54164EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.31 views

EulerOS Virtualization 2.9.0 : c-ares (EulerOS-SA-2021-1756)

According to the version of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service i...

7.5CVSS7.6AI score0.54164EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/04/15 12:0 a.m.38 views

EulerOS Virtualization 2.9.1 : c-ares (EulerOS-SA-2021-1710)

According to the version of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service i...

7.5CVSS7.6AI score0.54164EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/13 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-1756)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.54164EPSS
Exploits0References2
OSV
OSV
added 2021/04/07 11:2 a.m.7 views

OESA-2021-1099 c-ares security update

This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple. Security Fixes: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Deni...

7.5CVSS6.9AI score0.54164EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/12 7:9 p.m.40 views

Security Bulletin: Streams Flows might be affected by some underlying Node.js vulnerabilities

Summary Streams Flows might be affected by some underlying Node.js vulnerabilities. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit...

7.5CVSS0.9AI score0.54164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/11 11:5 a.m.48 views

Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-8277

Summary IBM Watson OpenScale on Cloud Pak for Data has addressed CVE-2020-8277. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit thi...

7.5CVSS1.6AI score0.54164EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/06 5:41 p.m.37 views

Security Bulletin: IBM API Connect is vulnerable to denial of service (DoS) via Node.js (CVE-2020-8277)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-8277 DESCRIPTION: Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit this vulnerabili...

7.5CVSS1AI score0.54164EPSS
Exploits0Affected Software1
Rows per page
Query Builder