CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2018-12115 – nodejs: Out of bounds (OOB) write via UCS-2 encoding
https://notcve.org/view.php?id=CVE-2018-12115
21 Aug 2018 — In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. En todas las versiones de Node.js anteriores a la 6.14.4, 8.11.4 y 10.9.0, cuando se utiliza con codifi... • http://www.securityfocus.com/bid/105127 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-16024
https://notcve.org/view.php?id=CVE-2017-16024
04 Jun 2018 — The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. El módulo sync-exec se emplea para simular child_process.execSync en la versiones de node anteriores a la 0.11.9. Sync-exec emplea directorios tmp como búfer antes de ... • https://cwe.mitre.org/data/definitions/377.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-377: Insecure Temporary File •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2018-7159 – nodejs: HTTP parser allowed for spaces inside Content-Length header values
https://notcve.org/view.php?id=CVE-2018-7159
17 May 2018 — The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of th... • https://access.redhat.com/errata/RHSA-2019:2258 • CWE-20: Improper Input Validation CWE-115: Misinterpretation of Input •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7158
https://notcve.org/view.php?id=CVE-2018-7158
17 May 2018 — The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, `splitPathRe`, used within the `'path'` module for the various path parsing functions, including `path.dirname()`, `path.extname()` and `path.parse()` was structured in such a way as to allow an attacker to craft a string, that when passed... • https://nodejs.org/en/blog/vulnerability/march-2018-security-releases • CWE-185: Incorrect Regular Expression •
CVSS: 9.1EPSS: 0%CPEs: 7EXPL: 0CVE-2017-15896
https://notcve.org/view.php?id=CVE-2017-15896
11 Dec 2017 — Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption. Node.js se ha visto afectado por una vulnerabilidad de OpenSSL (CVE-2017-3737) en relación con el uso de SSL_read() debido a un error en la negociación TLS. El resultado era que un atacante de una red activa pod... • https://nodejs.org/en/blog/vulnerability/december-2017-security-releases •
CVSS: 5.9EPSS: 1%CPEs: 34EXPL: 0CVE-2017-3738 – openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
https://notcve.org/view.php?id=CVE-2017-3738
07 Dec 2017 — There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be sign... • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3744
https://notcve.org/view.php?id=CVE-2014-3744
23 Oct 2017 — Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path. Vulnerabilidad de salto de directorio en el módulo st en versiones anteriores a la 0.2.5 para Node.js permite que atacantes remotos lean archivos arbitrarios mediante un %2e%2e (punto punto de manera codificada) en una ruta no especificada. • http://www.openwall.com/lists/oss-security/2014/05/13/1 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2015-7384
https://notcve.org/view.php?id=CVE-2015-7384
10 Oct 2017 — Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service. Node.js 4.0.0, 4.1.0 y 4.1.1 permite que atacantes remotos provoquen una denegación de servicio. • http://www.securityfocus.com/bid/101260 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2015-2927
https://notcve.org/view.php?id=CVE-2015-2927
20 Sep 2017 — node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption). node en su versión 0.3.2 y URONode en versiones anteriores a la 1.0.5r3 permite que los atacantes remotos provoquen una denegación de servicio (consumo de ancho de banda). • http://www.openwall.com/lists/oss-security/2015/04/06/3 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 100EXPL: 0CVE-2017-11499 – nodejs: Constant Hashtable Seeds vulnerability
https://notcve.org/view.php?id=CVE-2017-11499
25 Jul 2017 — Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup. Node.js versión v4.0 hasta v4.8.3, todas las versiones de v5.x, versión v6.0 hasta v6.11.0, versión v7.0 hasta v7.10.0, y ... • http://www.securityfocus.com/bid/99959 • CWE-20: Improper Input Validation •