7909 matches found
CVE-2018-3745
atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below...
CVE-2016-10586
CVE-2016-10586 affects the macaca-chromedriver Node.js wrapper for Selenium’s chromedriver. The vulnerability arises because it downloads binary resources over HTTP, enabling a man-in-the-middle (MITM) attacker to swap the requested binary with a malicious one, potentially causing remote code exe...
CVE-2016-10590
cue-sdk-node is a Corsair Cue SDK wrapper for node.js. cue-sdk-node downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested zip file with an attacker controlled zip file if the attacker i...
CVE-2016-10586
macaca-chromedriver is a Node.js wrapper for the selenium chromedriver. macaca-chromedriver before 1.0.29 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10577
ibmdb is an asynchronous/synchronous interface for node.js to IBM DB2 and IBM Informix. ibmdb before 1.0.2 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10558
The vulnerability CVE-2016-10558 affects the Aerospike Node.js addon. Versions below 2.4.2 download binary resources over HTTP, allowing a privileged network attacker to perform a MITM and swap the binary, potentially leading to remote code execution on the host running aerospike. The issue is tr...
CVE-2016-10558
aerospike is an Aerospike add-on module for Node.js. aerospike versions below 2.4.2 download binary resources over HTTP, which leaves the module vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker controlled binar...
Node.js third-party modules: [serve] Server Directory Traversal
I would like to report a Server Directory Traversal vulnerability in serve. It allows reading local files on the target server. Module module name: serve version: 7.0.1 npm page: https://www.npmjs.com/package/serve Module Description Assuming you would like to serve a static site, single page...
Node.js third-party modules: [serve] Stored XSS in the filename when directories listing
I would like to report a Stored XSS issue in module serve It allows executing malicious javascript code in the user's browser. Module module name: serve version: 7.0.1 npm page: https://www.npmjs.com/package/serve Module Description Assuming you would like to serve a static site, single page...
PT-2018-16167 · Node.Js · Atob
Name of the Vulnerable Software and Affected Versions: atob versions 2.0.3 and earlier Description: The issue arises when the atob function allocates uninitialized Buffers upon receiving a number as input on Node.js versions 4.x and below. Recommendations: Update to version 2.1.0 or later...
Node.js third-party modules: [buttle] Path traversal in mid-buttle module allows to read any file in the server.
Hello Node.js third-party modules I would like to report path traversal in buttle module It allows me to read any file in the server if i know the path. Module module name: buttle version: 0.2.0 npm page: https://www.npmjs.com/package/buttle Module Description Simple static file + markdown server...
PT-2018-11027 · Node.Js +2 · Node.Js +2
Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 6.15.0 Description: The issue allows remote computers to attach to the debug port and evaluate arbitrary JavaScript when the debugger is enabled with node --debug or node debug, as it listens on all interfaces by...
Node.js third-party modules: [simplehttpserver] List any file in the folder by using path traversal.
I would like to report Path Traversal in simplehttpserver. It allows to list any file in another folder of web root. Module module name: simplehttpserver version: 0.1.1 npm page: https://www.npmjs.com/package/simplehttpserver Module Description 'simpehttpserver' is an simple imitation of python's...
Node.js third-party modules: Samlify is vulnerable to signature wrapping
I would like to report a signature wrapping weakness in samlify It allows an attacker to modify a SAML token received from the IdP before validating it with the service provider Module module name: samlify version: 2.3.7 npm page: https://www.npmjs.com/package/samlify Module Description Highly...
Node.js third-party modules: [servey] Path Traversal allows to retrieve content of any file with extension from remote server
Hi Team, I would like to report a partial Path Traversal in servey module. It allows to read content of any arbitrary file with extension from the server. Module module name: servey version: 2.2.0 npm page: https://www.npmjs.com/package/servey Module Description A static & single page application...
Node.js third-party modules: [statics-server] XSS via injected iframe in file name when statics-server displays directory index in the browser
Hi Team, I would like to report HTML Injection in statics-server module. It is possible to inject malicious iframe tag via filename and execute arbitray JavaScript code. Module module name: statics-server version: 0.0.9 npm page: https://www.npmjs.com/package/statics-server Module Description npm...
Node.js third-party modules: [statics-server] Path Traversal due to lack of provided path sanitization
Hi Team, I would like to report Path Traversal in statics-server module. It allows to read content of any arbitrary file from the server. Module module name: statics-server version: 0.0.9 npm page: https://www.npmjs.com/package/statics-server Module Description npm install statics-server -g Go to...
CVE-2018-7159
The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the Node.js HTTP parser has been...
CVE-2018-7160
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the...
DEBIAN-CVE-2018-7160
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the...