Lucene search
Veracode Vulnerability DatabaseVERACODE:27219HistorySep 24, 2020 - 10:38 a.m.
Buffer Overflow
2020-09-2410:38:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
node.js
buffer overflow
realpath
implementation
software security
EPSS
0.001
Percentile
19.0%
The implementation of realpath used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
References
lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html
hackerone.com/reports/965914
lists.fedoraproject.org/archives/list/[email protected]/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/
nodejs.org/en/blog/vulnerability/september-2020-security-releases/
security.gentoo.org/glsa/202009-15
security.netapp.com/advisory/ntap-20201009-0004/
usn.ubuntu.com/4548-1/
Related
gentoo
gentoo
libuv: Buffer overflow
2020-09-29 00:00:00
ubuntu
ubuntu
libuv vulnerability
2020-09-28 00:00:00
nvd
nvd
CVE-2020-8252
2020-09-18 21:15:13
redhatcve
redhatcve
CVE-2020-8252
2020-09-16 02:18:27
hackerone
hackerone
Node.js: `fs.realpath.native` on darwin may cause buffer overflow
2020-08-24 15:18:48
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-1.0-0331
2020-10-13 00:00:00
Important Photon OS Security Update - PHSA-2020-0150
2020-10-12 00:00:00
Important Photon OS Security Update - PHSA-2020-0331
2020-10-13 00:00:00
nessus
nessus
Photon OS 3.0: Nodejs PHSA-2020-3.0-0150
2020-10-16 00:00:00
GLSA-202009-15 : libuv: Buffer overflow
2020-09-30 00:00:00
Photon OS 1.0: Nodejs10 PHSA-2020-1.0-0331
2020-10-16 00:00:00
debiancve
debiancve
CVE-2020-8252
2020-09-18 21:15:13
osv
osv
BIT-node-2020-8252
2024-03-06 11:07:50
CVE-2020-8252
2020-09-18 21:15:13
libuv1 vulnerability
2020-09-28 14:43:13
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0398)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4548-1)
2020-09-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:2823-1)
2021-06-09 00:00:00
ibm
ibm
alpinelinux
alpinelinux
CVE-2020-8252
2020-09-18 21:15:13
ubuntucve
ubuntucve
CVE-2020-8252
2020-09-18 00:00:00
cvelist
cvelist
CVE-2020-8252
2020-09-18 20:11:51
mageia
mageia
Updated libuv packages a fix security vulnerability
2020-11-08 17:14:27
Updated nodejs packages fix security vulnerabilities
2020-09-27 23:06:37
cve
cve
CVE-2020-8252
2020-09-18 21:15:13
prion
prion
Buffer overflow
2020-09-18 21:15:00
suse
suse
Security update for nodejs10 (important)
2020-10-12 00:00:00
Security update for nodejs12 (important)
2020-10-05 00:00:00
nodejsblog
nodejsblog
September 2020 Security Releases
2020-09-15 00:00:00
freebsd
freebsd
Node.js -- September 2020 Security Releases
2020-09-08 00:00:00
almalinux
almalinux
Moderate: nodejs:12 security and bug fix update
2020-10-19 07:13:10
Moderate: nodejs:10 security update
2021-02-16 07:34:15
redhat
redhat
(RHSA-2020:4903) Moderate: nodejs:12 security and bug fix update
2020-11-04 09:29:19
(RHSA-2020:4272) Moderate: nodejs:12 security and bug fix update
2020-10-19 07:13:10
(RHSA-2020:5086) Moderate: rh-nodejs12-nodejs security update
2020-11-11 13:06:16
rocky
rocky
nodejs:12 security and bug fix update
2020-10-19 07:13:10
nodejs:10 security update
2021-02-16 07:34:15
oraclelinux
oraclelinux
nodejs:12 security and bug fix update
2020-10-20 00:00:00
nodejs:10 security update
2021-02-20 00:00:00
threatpost
threatpost
IBM Squashes Critical Remote Code-Execution Flaw
2021-02-23 19:36:32
fedora
fedora
[SECURITY] Fedora 33 Update: nodejs-14.15.1-1.fc33
2020-12-13 02:10:30
ics
ics
Hitachi Energy FACTS Control Platform (FCP) Product
2022-08-30 12:00:00
Hitachi Energy Gateway Station (GWS) Product
2022-08-30 12:00:00
Hitachi Energy MicroSCADA Pro/X SYS600
2022-04-21 12:00:00