Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-31364

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.09358EPSS
Exploits1References16
OSV
OSV
added 2024/12/16 2:3 p.m.14 views

BIT-NODE-MIN-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS6.5AI score0.09358EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.34 views

Oracle Linux 8 : nodejs:14 (ELSA-2022-7830)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7830 advisory. - Record issues fixed in the current version Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824 Resolves: CVE-2022-0235 - Rebase to...

8.8CVSS7.5AI score0.21514EPSS
Exploits4References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/04/21 2:41 p.m.43 views

Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise (CVE-2021-44533)

Summary IBM App Connect Enterprise ships with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2021-44533 DESCRIPTION: Node.js could allow a remote attacker to bypass security restrictions, caused by...

5.3CVSS0.7AI score0.09358EPSS
Exploits1
NVD
NVD
added 2022/02/24 7:15 p.m.20 views

CVE-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS0.09358EPSS
Exploits1References6
OSV
OSV
added 2022/02/24 7:15 p.m.3 views

ALPINE-CVE-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS7AI score0.09358EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2022/02/24 6:27 p.m.34 views

CVE-2021-44533

Node.js 12.22.9, 14.18.3, 16.13.2, and 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in...

5.3CVSS7.7AI score0.09358EPSS
Exploits1
CVE
CVE
added 2022/02/24 6:27 p.m.270 views

CVE-2021-44533

CVE-2021-44533 affects Node.js by improper handling of multi-value Relative Distinguished Names, potentially allowing bypass of certificate subject verification. Affected are Node.js versions < 12.22.9, < 14.18.3, < 16.13.2, and

5.3CVSS6.3AI score0.09358EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/01/19 12:0 a.m.44 views

openSUSE 15 Security Update : nodejs12 (openSUSE-SU-2022:0113-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0113-1 advisory. - Accepting arbitrary Subject Alternative Name SAN types, unless a PKI is specifically defined to use a particular SAN type, can result in...

8.2CVSS6.8AI score0.21514EPSS
Exploits2References13
Rows per page
Query Builder