Page 3 of 28 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2018-12122 – nodejs: Slowloris HTTP Denial of Service

https://notcve.org/view.php?id=CVE-2018-12122

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Node.js: Todas las versiones anteriores a la 6.15.0, 8.14.0, 10.14.0 y 11.3.0: Denegación de servicio (DoS) HTTP mediante Slowloris. Un atacante puede provocar una denegación de servicio (DoS) enviando cabeceras muy lentamente, manteniendo las conexiones HTTP o HTTPS y los recursos asociados vivos durante un largo período de tiempo. It was found that Node.js HTTP server was vulnerable to a Slowloris type attack. An attacker could make long lived connections by sending bytes very slowly to the server, saturating its resource and possibly resulting in a denial of service. • http://www.securityfocus.com/bid/106043 https://access.redhat.com/errata/RHSA-2019:1821 https://nodejs.org/en/blog/vulnerability/november-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12122 https://bugzilla.redhat.com/show_bug.cgi?id=1661005 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 4.8EPSS: 0%CPEs: 41EXPL: 2

CVE-2018-5407 – Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel

https://notcve.org/view.php?id=CVE-2018-5407

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. SMT (Simultaneous Multi-threading) en los procesadores puede habilitar que usuarios locales exploten software vulnerable a ataques de sincronización mediante un ataques de sincronización de canal lateral en la "contención de puertos". A microprocessor side-channel vulnerability was found on SMT (e.g, Hyper-Threading) architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information. • https://www.exploit-db.com/exploits/45785 http://www.securityfocus.com/bid/105897 https://access.redhat.com/errata/RHSA-2019:0483 https://access.redhat.com/errata/RHSA-2019:0651 https://access.redhat.com/errata/RHSA-2019:0652 https://access.redhat.com/errata/RHSA-2019:2125 https://access.redhat.com/errata/RHSA-2019:3929 https://access.redhat.com/errata/RHSA-2019:3931 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •

CVSS: 5.9EPSS: 0%CPEs: 44EXPL: 0

CVE-2018-0734 – Timing attack against DSA

https://notcve.org/view.php?id=CVE-2018-0734

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p). • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.securityfocus.com/bid/105758 https://access.redhat.com/errata/RHSA-2019:2304 https://access.redhat.com/errata/RHSA-2019:3700 https://access.redhat.com/errata/RHSA-2019:3932 https://access.redhat.com/errata/RHSA-2019:3933 https://access.redhat.com/errata/RHSA-2019:3935 https://git.openssl.org/gitweb/?p=openssl.git%3Ba • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-385: Covert Timing Channel •

CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0

CVE-2018-12115 – nodejs: Out of bounds (OOB) write via UCS-2 encoding

https://notcve.org/view.php?id=CVE-2018-12115

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation of the maximum length of the input bytes to be written. En todas las versiones de Node.js anteriores a la 6.14.4, 8.11.4 y 10.9.0, cuando se utiliza con codificación UCS-2 (reconocida por Node.js bajo los nombres "ucs2", "ucs-2", "utf16le" y "utf-16le"), se puede explotar "Buffer#write()" para escribir fuera de los límites de un búfer. Las escrituras que empiezan desde la segunda hasta la última posición de un búfer provocan un error de cálculo de la longitud máxima de los bytes de entrada que se van a escribir. • http://www.securityfocus.com/bid/105127 https://access.redhat.com/errata/RHSA-2018:2552 https://access.redhat.com/errata/RHSA-2018:2553 https://access.redhat.com/errata/RHSA-2018:2944 https://access.redhat.com/errata/RHSA-2018:2949 https://access.redhat.com/errata/RHSA-2018:3537 https://nodejs.org/en/blog/vulnerability/august-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-12115 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-7167 – nodejs: Denial of Service by calling Buffer.fill() or Buffer.alloc() with specially crafted parameters

https://notcve.org/view.php?id=CVE-2018-7167

Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. La llamada a Buffer.fill() o Buffer.alloc() con algunos parámetros puede conducir a un bloqueo y a una denegación de servicio (DoS) posterior. • http://www.securityfocus.com/bid/106363 https://nodejs.org/en/blog/vulnerability/june-2018-security-releases https://security.gentoo.org/glsa/202003-48 https://access.redhat.com/security/cve/CVE-2018-7167 https://bugzilla.redhat.com/show_bug.cgi?id=1591006 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •