Page 15 of 169 results (0.013 seconds)

CVSS: 5.9EPSS: 0%CPEs: 75EXPL: 1

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. • https://github.com/MBHudson/CVE-2020-1971 http://www.openwall.com/lists/oss-security/2021/09/14/2 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f960d81215ebf3f65e03d4d5d857fb9b666d6920 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676 https://lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b7 • CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2

Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). Las versiones inferiores a 0.0.6 del módulo stringstream de Node.js son vulnerables a una lectura fuera de límites debido a la asignación de búferes no inicializados cuando un número es pasado en el flujo de entrada (cuando se usa Node.js versión 4.x) A flaw was found in nodejs-stringstream. Node.js stringstream module is vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream. • https://github.com/mhart/StringStream/issues/7 https://hackerone.com/reports/321670 https://www.npmjs.com/advisories/664 https://access.redhat.com/security/cve/CVE-2018-21270 https://bugzilla.redhat.com/show_bug.cgi?id=1927293 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 2

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1. Una aplicación Node.js que permite a un atacante desencadenar una petición DNS para un host de su elección podría desencadenar una Denegación de servicio en las versiones anteriores a 15.2.1, versiones anteriores a 14.15.1 y versiones anteriores a 12.19.1 al conseguir que la aplicación resuelva un Registro DNS con un mayor número de respuestas.&#xa0;Esto es corregido en versiones 15.2.1, 14.15.1 y 12.19.1 • https://github.com/masahiro331/CVE-2020-8277 https://github.com/AndrewIjano/CVE-2020-8277 https://hackerone.com/reports/1033107 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ https://lists.fedoraproject.org/archives&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names. Node.js versiones anteriores a 12.18.4 y versiones anteriores a 14.11, pueden ser explotado para llevar a cabo ataques de desincronización HTTP y entregar cargas útiles maliciosas a usuarios desprevenidos.&#xa0;Las cargas útiles pueden ser diseñadas por un atacante para secuestrar sesiones de usuario, envenenar cookies, llevar a cabo secuestro del click y una multitud de otros ataques dependiendo de la arquitectura del sistema subyacente. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html https://hackerone.com/reports/922597 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6 https://nodejs.org/en/blog/vulnerability/september-2020-security-releases https://security.gentoo.org/glsa/202101-07 https://security.netapp.com/advisory/ntap-20201009-0004 https://access.redhat.com/security/cve/CVE-2020-8201 https://bugzilla.redhat.com/show_bug.cgi?id=18 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes. La implementación de realpath en libuv versiones anteriores a versiones anteriores a 10.22.1, versiones anteriores a 12.18.4 y versiones anteriores a 14.9.0, usada dentro de Node.js determinó incorrectamente el tamaño del búfer, lo que puede resultar en un desbordamiento del búfer si la ruta resuelta tiene más de 256 bytes A flaw has been found in libuv. The realpath() implementation performs an incorrect calculation when allocating a buffer, leading to a potential buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html https://hackerone.com/reports/965914 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6 https://nodejs.org/en/blog/vulnerability/september-2020-security-releases https://security.gentoo.org/glsa/202009-15 https://security.netapp.com/advisory/ntap-20201009-0004 https://usn.ubuntu.com/4548- • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •