Node.js Security Vulnerabilities and Issues — Node.js CVE List | Vulners.com

Lucene search

K

NodejsNode.js

3 matches found

CVE•added 2014/06/05 9:55 p.m.•423 views

CVE-2014-0224

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions...

7.4CVSS7.5AI score0.93059EPSS

CVE•added 2014/03/05 5:11 a.m.•74 views

CVE-2013-6668

Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

7.5CVSS9.3AI score0.08647EPSS

CVE•added 2014/10/19 1:55 a.m.•65 views

CVE-2014-7191

The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.

5CVSS6.4AI score0.01092EPSS