8 matches found
BIT-NODE-MIN-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
BIT-NODE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
CVE-2025-27209
CVE-2025-27209 affects Node.js v24.x where the V8 string-hashing implementation (rapidhash) re-introduces a HashDoS risk: an attacker who controls input strings can induce hash collisions, potentially enabling a DoS-style attack without knowledge of the hash seed. The vulnerability is tied to the...
CVE-2025-27209
The V8 release used in Node.js v24.0.0 has changed how string hashes are computed using rapidhash. This implementation re-introduces the HashDoS vulnerability as an attacker who can control the strings to be hashed can generate many hash collisions - an attacker can generate collisions even witho...
Security Bulletin: Power Hardware Management Console is Affected by Vulnerabilities in OpenSSL (CVE-2014-0224, CVE-2014-0221, CVE- 2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470)
Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker could exploit this...
Azure File Sync Agent v8 Release – October 2019
Azure File Sync Agent v8 Release – October 2019 Introduction This article describes the improvements and issues that are fixed in the Azure File Sync Agent v8 release that is dated October 2019. Additionally, this article contains installation instructions for the update. Improvements and issues...