Page 11 of 69 results (0.008 seconds)

CVSS: 7.4EPSS: 0%CPEs: 15EXPL: 0

Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option. Aceptar tipos de nombres alternativos de sujeto (SAN) arbitrarios, a menos que una PKI esté definida específicamente para usar un tipo de SAN concreto, puede resultar en una omisión de los intermediarios con restricción de nombre. • https://hackerone.com/reports/1429694 https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases https://security.netapp.com/advisory/ntap-20220325-0007 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-44531 https://bugzilla.redhat.com/show_bug.cgi?id=2040839 • CWE-295: Improper Certificate Validation •

CVSS: 8.2EPSS: 1%CPEs: 16EXPL: 0

Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to. Debido a la lógica de formato de la función "console.table()" no era seguro permitir que pasara la entrada controlada por el usuario al parámetro "properties" mientras pasaba simultáneamente un objeto plano con al menos una propiedad como primer parámetro, que podía ser "__proto__". La contaminación del prototipo presenta un control muy limitado, ya que sólo permite asignar una cadena vacía a las claves numéricas del prototipo del objeto.Node.js versiones posteriores a 12.22.9 incluyéndola, versiones posteriores a 14.18.3 incluyéndola, versiones posteriores a 16.13.2 incluyéndola, y versiones posteriores a 17.3.1 incluyéndola, usan un prototipo nulo para el objeto al que es asignada estas propiedades. • https://hackerone.com/reports/1431042 https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases https://security.netapp.com/advisory/ntap-20220325-0007 https://security.netapp.com/advisory/ntap-20220729-0004 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-2 • CWE-471: Modification of Assumed-Immutable Data (MAID) CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0

Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be returned by OpenSSL if the application has previously called SSL_CTX_set_cert_verify_callback(). Since most applications do not do this the SSL_ERROR_WANT_RETRY_VERIFY return value from SSL_get_error() will be totally unexpected and applications may not behave correctly as a result. • https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=758754966791c537ea95241438454aa86f91f256 https://security.netapp.com/advisory/ntap-20211229-0003 https://www.openssl.org/news/secadv/20211214.txt • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0

Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. Node.js versiones anteriores a 16.6.0, 14.17.4 y 12.22.4, es vulnerable a un ataque de uso de memoria previamente liberada donde un atacante podría aprovechar una corrupción de memoria para cambiar el comportamiento del proceso A flaw was found in Node.js, where it is vulnerable to a use-after-free attack. This flaw allows an attacker to exploit the memory corruption, which causes a change in the process behavior. The highest threat from this vulnerability is to confidentiality and integrity. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1238162 https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html https://nodejs.org/en/blog/vulnerability/july-2021-security-releases-2 https://security.gentoo.org/glsa/202401-02 https://security.netapp.com/advisory/ntap-20211112-0002 https://access.redhat.com/security/cve/CVE-2021-22930 https://bugzilla.redhat.com/show_bug.cgi?id=1988394 • CWE-416: Use After Free •

CVSS: 5.3EPSS: 1%CPEs: 13EXPL: 1

If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. Si la API https de Node.js, era usada incorrectamente y se pasaba "undefined" para el parámetro "rejectUnauthorized", no fue devuelto ningún error y se aceptaban las conexiones a servidores con un certificado caducado. A flaw was found in Node.js. If the Node.js HTTPS API is used incorrectly and "undefined" is passed for the "rejectUnauthorized" parameter, no error is returned, and the connections to servers with an expired certificate are accepted. The highest threat from this vulnerability is to integrity. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1278254 https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases https://security.gentoo.org/glsa/202401-02 https://security.netapp.com/advisory/ntap-20210917-0003 https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021& • CWE-20: Improper Input Validation CWE-295: Improper Certificate Validation •