7911 matches found

Hacker One
added 2018/12/06 1:23 a.m. | 16 views

Node.js third-party modules: [atlasboard-atlassian-package] Cross-site Scripting (XSS)

I would like to report XSS in atlasboard-atlassian-package. It allows to inject clientside javascript or HTML in cases when attacker has opportunity to create or modify issues on JIRA server, e.g. bug tracker which is configured to work with application from module. Module module name:...

0.3 AI score
Exploits: 0

Tenable Nessus
added 2018/12/04 12:0 a.m. | 51 views

RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 8.11.4 (RHSA-2018:2552)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2552 advisory. Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications...

7.5 CVSS | 6.6 AI score | 0.78382 EPSS
Exploits: 0 | References: 13

Tenable Nessus
added 2018/12/04 12:0 a.m. | 38 views

RHEL 6 : node.js (RHSA-2015:1545)

The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1545 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud...

4.3 CVSS | 6.4 AI score | 0.93538 EPSS
Exploits: 5 | References: 4

Tenable Nessus
added 2018/12/04 12:0 a.m. | 34 views

RHEL 7 : Red Hat OpenShift Application Runtimes Node.js 10.9.0 (RHSA-2018:2553)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2553 advisory. Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications...

7.5 CVSS | 6.6 AI score | 0.78382 EPSS
Exploits: 0 | References: 15

Tenable Nessus
added 2018/12/04 12:0 a.m. | 24 views

RHEL 6 : node.js (RHSA-2015:1546)

The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2015:1546 advisory. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud...

4.3 CVSS | 6.4 AI score | 0.93538 EPSS
Exploits: 5 | References: 4

Hacker One
added 2018/12/03 3:53 p.m. | 74 views

Node.js third-party modules: Prototype pollution attack through jQuery $.extend

I would like to report prototype pollution in jQuery. It allows an attacker to inject properties on Object.prototype. Module module name: jquery version: 3.3.1 npm page: https://www.npmjs.com/package/jquery Module Description jQuery is a fast, small, and feature-rich JavaScript library. Module...

4.3 CVSS | 1.1 AI score | 0.01532 EPSS
Exploits: 4

Hacker One
added 2018/12/02 12:31 p.m. | 15 views

Node.js third-party modules: [harp] File access even when they have been set to be ignored.

I would like to report information disclosure through file access in harp. It allows to access files that are supposed to be ignored according to the harp server rules. Module module name: harp version: 0.29.0 npm page: https://www.npmjs.com/package/harp Module Description zero-configuration web...

5 CVSS | 4.8 AI score | 0.00222 EPSS
Exploits: 1

Hacker One
added 2018/12/02 10:32 a.m. | 9 views

Node.js third-party modules: [harp] Unsafe rendering of Markdown files

I would like to report Cross Site Scripting vulnerability in harp module. It allows to execute arbitrary JavaScript due to unsafe rendering of markdown files. Similar to 404126 Module module name: harp version: 0.29.0 npm page: https://www.npmjs.com/package/harp Module Description zero-configuratio...

Exploits: 0

Hacker One
added 2018/12/01 10:3 a.m. | 53 views

Node.js: Fix for CVE-2018-12122 can be bypassed via keep-alive requests

Summary: Fix for CVE-2018-12122 can be bypassed via keep-alive requests Description: I'm not a security expert, neither I'm familiar with Node.js core, so please forgive me if this report is inaccurate and in that case, sorry for your time. While investigating the issue 515 I checked out the fix t...

5 CVSS | 7.5 AI score | 0.02342 EPSS
Exploits: 0

Veracode
added 2018/11/30 5:56 a.m. | 31 views

HTTP Request Smuggling

Node.js is vulnerable to HTTP request smuggling. Improper parsing of the path option of an HTTP request allows for a remote attacker to smuggle an HTTP request using Unicode data within the HTTP request, potentially bypassing existing access controls...

7.5 CVSS | 7 AI score | 0.00531 EPSS
Exploits: 0 | References: 4 | Affected Software: 2

Veracode
added 2018/11/30 5:49 a.m. | 29 views

Hostname Spoofing

Node.js is vulnerable to hostname spoofing. The hostname can be spoofed using a mixed case JavaScript (e.g. javAscript) protocol if the Node.js application uses url.parse to determine the hostname of the URL. This causes hostname-based access controls to be incorrect and allows a remote attacker to...

4.3 CVSS | 5.9 AI score | 0.03942 EPSS
Exploits: 0 | References: 5 | Affected Software: 4

Veracode
added 2018/11/30 5:36 a.m. | 28 views

Denial Of Service (DoS)

Node.js is vulnerable to denial of service. A remote attacker is able to cause a heap allocation failure by sending multiple requests with large HTTP headers of 80KB per connection at timed intervals, resulting in a denial of service condition...

7.5 CVSS | 7.2 AI score | 0.05572 EPSS
Exploits: 0 | References: 8 | Affected Software: 4

CNVD
added 2018/11/30 12:0 a.m. | 2 views

Unspecified vulnerability in Joyent Node.js (CNVD-2019-42556)

Joyent Node.js is a platform from the US company Joyent for web applications, built on top of the Google V8 JavaScript engine. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

7.5 CVSS | 8.3 AI score | 0.00531 EPSS
Exploits: 0 | References: 1

CNVD
added 2018/11/30 12:0 a.m. | 1 views

Joyent Node.js Denial of Service Vulnerability (CNVD-2019-42558)

Joyent Node.js is a platform from the US company Joyent for web applications, built on top of the Google V8 JavaScript engine. The platform is primarily used for building highly scalable applications and writing code that can handle tens of thousands of simultaneous connections to a singl...

7.5 CVSS | 8.1 AI score | 0.05572 EPSS
Exploits: 0 | References: 1

Node.js
added 2018/11/29 2:36 a.m. | 18 views

Path Traversal

Overview: All versions of takeapeek are vulnerable to path traversal exposing files and directories. Recommendation: As no fix is currently available for this vulnerability, it is our recommendation to use another static file server. References: - HackerOne Report - Node.js Security-wg - GitHub...

5 CVSS | 2.8 AI score | 0.00339 EPSS
Exploits: 1 | Affected Software: 1

Node.js
added 2018/11/29 2:31 a.m. | 26 views

Prototype Pollution

Overview: Versions of cached-path-relative before 1.0.2 are vulnerable to prototype pollution. Recommendation: Update to version 1.0.2 or later. References: - HackerOne Report - GitHub Issue - Node.js Security-wg - GitHub Advisory...

5 CVSS | 4.2 AI score | 0.00519 EPSS
Exploits: 0 | Affected Software: 1

OpenVAS
added 2018/11/29 12:0 a.m. | 28 views

Node.js 'debugger' Privilege Escalation Vulnerability - Mac OS X

Node.js is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

8.1 CVSS | 8.2 AI score | 0.00422 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2018/11/29 12:0 a.m. | 34 views

Node.js 'debugger' Privilege Escalation Vulnerability - Windows

Node.js is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

8.1 CVSS | 8.2 AI score | 0.00422 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2018/11/29 12:0 a.m. | 33 views

Node.js 'HTTP Splitting' Privilege Escalation Vulnerability - Windows

Node.js is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js";...

7.5 CVSS | 8 AI score | 0.00531 EPSS
Exploits: 0 | References: 1

OpenVAS
added 2018/11/29 12:0 a.m. | 39 views

Node.js Multiple Vulnerabilities (Nov 2018) - Mac OS X

Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; if(description)...

7.5 CVSS | 6.8 AI score | 0.05572 EPSS
Exploits: 0 | References: 1