Node.js Security Vulnerabilities and Issues — Page 4 of Node.js CVE List

Lucene search

NodejsNode.js

156 matches found

CVE•added 2020/02/11 5:15 p.m.•49 views

CVE-2014-9748

The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race con...

8.1CVSS8.4AI score0.00402EPSS

CVE•added 2017/01/23 9:59 p.m.•46 views

CVE-2013-7451

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag.

6.1CVSS6AI score0.00768EPSS

CVE•added 2017/01/23 9:59 p.m.•42 views

CVE-2014-9772

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

6.1CVSS6.1AI score0.00602EPSS

CVE•added 2017/01/23 9:59 p.m.•41 views

CVE-2013-7454

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.

6.1CVSS6AI score0.00655EPSS

CVE•added 2017/10/10 4:29 p.m.•39 views

CVE-2015-7384

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

7.5CVSS7.3AI score0.00878EPSS

CVE•added 2017/01/23 9:59 p.m.•35 views

CVE-2013-7452

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.

6.1CVSS5.9AI score0.00676EPSS

Total number of security vulnerabilities156