ROS-20250827-06

A vulnerability in the pbkdf2 library of the Node.js software platform is related to a flaw in the input data validation mechanism. of input data. Exploitation of the vulnerability could allow an attacker acting remotely to forge a digital signature by sending specially crafted packets...

The vulnerability of the experimental-permission configuration in the Node.js software platform allows a hacker to bypass security restrictions and gain unauthorized access to protected information.

The vulnerability of the experimental-permission configuration in the Node.js software platform is related to incorrect restrictions on the path to the restricted directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain unauthorized access to...

The vulnerability of the client HTTP/1.1 and the Node.js software platform allows a perpetrator to execute arbitrary code.

The vulnerability of the HTTP/1.1 client and the Node.js software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the excalidraw package on the Node.js software platform arises from the lack of measures to sanitize input data, allowing attackers to execute XSS attacks.

The vulnerability of the excalidraw package on the Node.js software platform is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using a specially created link...

The vulnerability of the node-ip utility in the Node.js software platform allows a hacker to execute arbitrary code.

The vulnerability of the node-ip utility in the Node.js software platform is related to insufficient checking of incoming requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the emulator for testing JavaScript code on the Node.js software platform, which allows attackers to carry out XSS attacks.

The vulnerability of the emulator used to test JavaScript code on the Node.js software platform exists because measures to protect the structure of web pages have not been taken. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Node.js software platform, related to insufficient data authenticity checking, allows a perpetrator to bypass integrity checks.

The vulnerability of the Node.js software platform is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disable the integrity checks...

The vulnerability of the providers.dll library in the Node.js software platform, related to HTTP request processing flaws, allows attackers to execute arbitrary code.

The vulnerability of the providers.dll library in the Node.js software platform is related to an uncontrolled search path during the loading of DLL libraries. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Node.js software platform, related to a bug in the resource consumption monitoring mechanism, allows a hacker to trigger a service failure.

The vulnerability of the Node.js software platform is related to the improper handling of a large number of requests sent to the unknownProtocol. Exploiting this vulnerability allows an attacker who operates remotely to cause service failures...

The vulnerability relates to the implementation of the HTTP/2 server using the nginx software framework and Node.js, as well as the SwiftNIO networking library. It involves an uncontrolled resource consumption, allowing attackers to cause service failures.

The vulnerability of the HTTP/2 server implementation of nginx, a Node.js software platform, and the SwiftNIO networking framework is related to an uncontrolled resource consumption when processing a header with a parameter equal to zero. Exploiting this vulnerability could allow a malicious acto...