CVSS: 6.5EPSS: 9%CPEs: 10EXPL: 2CVE-2020-8287 – nodejs: HTTP request smuggling via two copies of a header field in an http request
https://notcve.org/view.php?id=CVE-2020-8287
06 Jan 2021 — Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. Node.js versiones anteriores a 10.23.1, 12.20.1, 14.15.4, 15.5.1 permiten dos copias de un campo de encabezado en una petición HTTP (por ejemplo, dos campos de encabezado Transfer-Encoding). En este caso, Node.js identific... • https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.9EPSS: 0%CPEs: 75EXPL: 1CVE-2020-1971 – EDIPARTYNAME NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-1971
08 Dec 2020 — The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. • https://github.com/MBHudson/CVE-2020-1971 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 62%CPEs: 15EXPL: 2CVE-2020-8277 – c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS
https://notcve.org/view.php?id=CVE-2020-8277
19 Nov 2020 — A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1. Una aplicación Node.js que permite a un atacante desencadenar una petición DNS para un host de su elección podría desencadenar una Denegación de servicio en las versiones anteriores a 15.2.1, versione... • https://github.com/masahiro331/CVE-2020-8277 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 3CVE-2020-7774 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2020-7774
17 Nov 2020 — The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. El paquete y18n anterior a las versiones 3.2.2, 4.0.1 y 5.0.5, es vulnerable a la contaminación de prototipos A flaw was found in nodejs-y18n. There is a prototype pollution vulnerability in y18n's locale functionality. If an attacker is able to provide untrusted input via locale, they may be able to cause denial of service or in rare circumstances, impact to data integrity or confidentiality. Red Hat OpenShift Container S... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.3EPSS: 0%CPEs: 30EXPL: 0CVE-2020-14803 – OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136)
https://notcve.org/view.php?id=CVE-2020-14803
21 Oct 2020 — Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applicati... • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00041.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 0CVE-2020-14718
https://notcve.org/view.php?id=CVE-2020-14718
15 Jul 2020 — Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI). Supported versions that are affected are 19.3.2 and 20.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle GraalVM Enterprise Edition. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 7.4EPSS: 1%CPEs: 12EXPL: 1CVE-2020-8172 – nodejs: TLS session reuse can lead to hostname verification bypass
https://notcve.org/view.php?id=CVE-2020-8172
08 Jun 2020 — TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. La reutilización de una sesión TLS puede conllevar a una omisión de la verificación del certificado del host en node versión anterior a 12.18.0 y anterior a 14.4.0 A TLS Hostname verification bypass vulnerability exists in NodeJS. This flaw allows an attacker to bypass TLS Hostname verification when a TLS client reuses HTTPS sessions. Node.js is a software development platform for building fast and sca... • https://hackerone.com/reports/811502 • CWE-285: Improper Authorization CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2020-11080 – Denial of service in nghttp2
https://notcve.org/view.php?id=CVE-2020-11080
03 Jun 2020 — In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the num... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00024.html • CWE-400: Uncontrolled Resource Consumption CWE-707: Improper Neutralization CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2900
https://notcve.org/view.php?id=CVE-2020-2900
15 Apr 2020 — Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some o... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2799
https://notcve.org/view.php?id=CVE-2020-2799
15 Apr 2020 — Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthor... • https://www.oracle.com/security-alerts/cpuapr2020.html •