Nextgen Api Security Vulnerabilities and Issues — Nextgen Api CVE List

Lucene search

NetappNextgen Api

4 matches found

CVE•added 2021/08/16 7:15 p.m.•397 views

CVE-2021-22931

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection v...

9.8CVSS9.9AI score0.00738EPSS

CVE•added 2021/08/16 7:15 p.m.•282 views

CVE-2021-22939

If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.

5.3CVSS7.4AI score0.00138EPSS

CVE•added 2021/08/16 7:15 p.m.•277 views

CVE-2021-22940

Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

7.5CVSS8.4AI score0.00349EPSS

CVE•added 2021/10/07 2:15 p.m.•238 views

CVE-2021-22930

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

9.8CVSS9.4AI score0.00359EPSS