CVSS: 7.8EPSS: 92%CPEs: 17EXPL: 0CVE-2021-22883 – nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion
https://notcve.org/view.php?id=CVE-2021-22883
28 Feb 2021 — Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. N... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 67EXPL: 1CVE-2021-23840 – Integer overflow in CipherUpdate
https://notcve.org/view.php?id=CVE-2021-23840
16 Feb 2021 — Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrad... • https://github.com/Trinadh465/openssl-1.1.1g_CVE-2021-23840 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 1CVE-2020-8265 – nodejs: use-after-free in the TLS implementation
https://notcve.org/view.php?id=CVE-2020-8265
06 Jan 2021 — Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. Nod... • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf • CWE-416: Use After Free •
CVSS: 6.5EPSS: 9%CPEs: 10EXPL: 2CVE-2020-8287 – nodejs: HTTP request smuggling via two copies of a header field in an http request
https://notcve.org/view.php?id=CVE-2020-8287
06 Jan 2021 — Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. Node.js versiones anteriores a 10.23.1, 12.20.1, 14.15.4, 15.5.1 permiten dos copias de un campo de encabezado en una petición HTTP (por ejemplo, dos campos de encabezado Transfer-Encoding). En este caso, Node.js identific... • https://github.com/progfay/nodejs-http-transfer-encoding-smuggling-poc • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.9EPSS: 0%CPEs: 75EXPL: 1CVE-2020-1971 – EDIPARTYNAME NULL pointer dereference
https://notcve.org/view.php?id=CVE-2020-1971
08 Dec 2020 — The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. • https://github.com/MBHudson/CVE-2020-1971 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-21270 – nodejs-stringstream: out-of-bounds read leading to uninitialized memory exposure
https://notcve.org/view.php?id=CVE-2018-21270
03 Dec 2020 — Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). Las versiones inferiores a 0.0.6 del módulo stringstream de Node.js son vulnerables a una lectura fuera de límites debido a la asignación de búferes no inicializados cuando un número es pasado en el flujo de entrada (cuando se usa Node.js versión 4.x) A flaw was found in nodejs-stringstream. No... • https://github.com/mhart/StringStream/issues/7 • CWE-125: Out-of-bounds Read CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 62%CPEs: 15EXPL: 2CVE-2020-8277 – c-ares: ares_parse_{a,aaaa}_reply() insufficient naddrttls validation DoS
https://notcve.org/view.php?id=CVE-2020-8277
19 Nov 2020 — A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1. Una aplicación Node.js que permite a un atacante desencadenar una petición DNS para un host de su elección podría desencadenar una Denegación de servicio en las versiones anteriores a 15.2.1, versione... • https://github.com/masahiro331/CVE-2020-8277 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.4EPSS: 1%CPEs: 4EXPL: 0CVE-2020-8201 – nodejs: HTTP request smuggling due to CR-to-Hyphen conversion
https://notcve.org/view.php?id=CVE-2020-8201
18 Sep 2020 — Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due to a bug in processing of carrier-return symbols in the HTTP header names. Node.js versiones anteriores a 12.18.4 y versiones anteriores a 14.11, pueden ser ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-8252 – libuv: buffer overflow in realpath
https://notcve.org/view.php?id=CVE-2020-8252
18 Sep 2020 — The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes. La implementación de realpath en libuv versiones anteriores a versiones anteriores a 10.22.1, versiones anteriores a 12.18.4 y versiones anteriores a 14.9.0, usada dentro de Node.js determinó incorrectamente el tamaño del búfer, lo que puede resultar en un desbordamiento del búfer si la ruta ... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0CVE-2020-8251 – Gentoo Linux Security Advisory 202101-07
https://notcve.org/view.php?id=CVE-2020-8251
18 Sep 2020 — Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections. Node.js versiones anteriores a 14.11.0, es vulnerable a ataques de denegación de servicio (DoS) HTTP basados ??en el envío de peticiones retrasadas que pueden hacer que el servidor no pueda aceptar nuevas conexiones Multiple vulnerabilities have been found in NodeJS, the worst of which could result in the arbitrary execution of code. Version... • https://hackerone.com/reports/868834 • CWE-400: Uncontrolled Resource Consumption •