Node.js Security Vulnerabilities and Issues — Node.js CVE List | Vulners.com

Lucene search

K

NodejsNode.js

3 matches found

CVE•added 2016/05/05 1:59 a.m.•692 views

CVE-2016-2107

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exi...

5.9CVSS6.9AI score0.78923EPSS

CVE•added 2016/05/05 1:59 a.m.•201 views

CVE-2016-2105

Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.

7.5CVSS7.7AI score0.62171EPSS

CVE•added 2016/05/14 9:59 p.m.•114 views

CVE-2016-1669

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impa...

9.3CVSS8.8AI score0.04822EPSS