Node.js Security Vulnerabilities and Issues — Node.js CVE List | Vulners.com

Lucene search

K

NodejsNode.js

3 matches found

CVE•added 2017/10/30 7:29 p.m.•86 views

CVE-2017-14919

Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.

7.5CVSS7.2AI score0.01045EPSS

CVE•added 2017/10/23 6:29 p.m.•66 views

CVE-2014-3744

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.

7.5CVSS7.4AI score0.5516EPSS

CVE•added 2017/10/10 4:29 p.m.•39 views

CVE-2015-7384

Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.

7.5CVSS7.3AI score0.00878EPSS