CVSS: 9.4EPSS: 1%CPEs: 9EXPL: 1CVE-2022-35255 – nodejs: weak randomness in WebCrypto keygen
https://notcve.org/view.php?id=CVE-2022-35255
18 Oct 2022 — A weak randomness in WebCrypto keygen vulnerability exists in Node.js 18 due to a change with EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. There are two problems with this: 1) It does not check the return value, it assumes EntropySource() always succeeds, but it can (and sometimes will) fail. 2) The random data returned byEntropySource() may not be cryptographically strong and therefore not suitable as keying material. Existe una aleatoriedad débil en la vulnerabilidad k... • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 6.5EPSS: 3%CPEs: 11EXPL: 1CVE-2022-35256 – nodejs: HTTP Request Smuggling due to incorrect parsing of header fields
https://notcve.org/view.php?id=CVE-2022-35256
18 Oct 2022 — The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. El analizador llhttp en el módulo http en Node v18.7.0 no maneja correctamente los campos de encabezado que no terminan con CLRF. Esto puede resultar en tráfico ilegal de solicitudes HTTP. A vulnerability was found in NodeJS due to improper validation of HTTP requests. • https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.3EPSS: 6%CPEs: 6EXPL: 1CVE-2022-32223
https://notcve.org/view.php?id=CVE-2022-32223
14 Jul 2022 — Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under certain conditions on Windows platforms.This vulnerability can be exploited if the victim has the following dependencies on a Windows machine:* OpenSSL has been installed and “C:\Program Files\Common Files\SSL\openssl.cnf” exists.Whenever the above conditions are present, `node.exe` will search for `providers.dll` in the current user directory.After that, `node.exe` will try to search for `providers.dll` by the DLL Search Order in Windows.I... • https://github.com/ianyong/cve-2022-32223 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.1EPSS: 0%CPEs: 13EXPL: 0CVE-2022-32212 – nodejs: DNS rebinding in --inspect via invalid IP addresses
https://notcve.org/view.php?id=CVE-2022-32212
14 Jul 2022 — A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks. Se presenta una vulnerabilidad de inyección de comandos en el Sistema Operativo en Node.js versiones anteriores a 14.20.0, anteriores a 16.16.0, anteriores a 18.5.0, debido a una comprobación insuficiente de IsAllowedHost ... • https://hackerone.com/reports/1632921 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-284: Improper Access Control CWE-703: Improper Check or Handling of Exceptional Conditions •
CVSS: 6.5EPSS: 89%CPEs: 15EXPL: 1CVE-2022-32213 – nodejs: HTTP request smuggling due to flawed parsing of Transfer-Encoding
https://notcve.org/view.php?id=CVE-2022-32213
14 Jul 2022 — The llhttp parser
CVSS: 6.5EPSS: 68%CPEs: 9EXPL: 1CVE-2022-32214 – nodejs: HTTP request smuggling due to improper delimiting of header fields
https://notcve.org/view.php?id=CVE-2022-32214
14 Jul 2022 — The llhttp parser
CVSS: 6.5EPSS: 89%CPEs: 16EXPL: 1CVE-2022-32215 – nodejs: HTTP request smuggling due to incorrect parsing of multi-line Transfer-Encoding
https://notcve.org/view.php?id=CVE-2022-32215
14 Jul 2022 — The llhttp parser
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 1CVE-2022-32222 – Gentoo Linux Security Advisory 202405-29
https://notcve.org/view.php?id=CVE-2022-32222
14 Jul 2022 — A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0 which allowed a default path for openssl.cnf that might be accessible under some circumstances to a non-admin user instead of /etc/ssl as was the case in versions prior to the upgrade to OpenSSL 3. Se presenta una vulnerabilidad criptográfica en Node.js en linux en versiones 18.x anteriores a 18.40.0, que permitía una ruta por defecto para openssl.cnf que podría ser accesible en algunas circunstancias para un usuar... • https://hackerone.com/reports/1695596 • CWE-310: Cryptographic Issues CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 11%CPEs: 32EXPL: 8CVE-2022-0778 – Infinite loop in BN_mod_sqrt() reachable when parsing certificates
https://notcve.org/view.php?id=CVE-2022-0778
15 Mar 2022 — The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of ... • https://packetstorm.news/files/id/167344 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.4EPSS: 0%CPEs: 17EXPL: 1CVE-2021-44533 – nodejs: Incorrect handling of certificate subject and issuer fields
https://notcve.org/view.php?id=CVE-2021-44533
24 Feb 2022 — Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulner... • https://hackerone.com/reports/1429694 • CWE-295: Improper Certificate Validation •