CVE-2016-2183

SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen una cota de cumpleaños de aproximadamente cuatro mil millones de bloques, lo que facilita a atacantes remotos obtener datos de texto plano a través de un ataque de cumpleaños contra una sesión cifrada de larga duración, según lo demostrado por una sesión HTTPS usando Triple DES en modo CBC, también conocido como un ataque "Sweet32".

A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite.

IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2016-01-29 CVE Reserved
2016-09-01 CVE Published
2024-04-19 EPSS Updated
2024-08-05 CVE Updated
2024-08-05 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-327: Use of a Broken or Risky Cryptographic Algorithm

CAPEC

References (137)

URL	Tag	Source
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759	Third Party Advisory
http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html	Third Party Advisory
http://seclists.org/fulldisclosure/2017/Jul/31	Mailing List
http://seclists.org/fulldisclosure/2017/May/105	Mailing List
http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21991482	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21995039	Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	Third Party Advisory
http://www.securityfocus.com/archive/1/539885/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/540341/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/541104/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/542005/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threaded	Mailing List
http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/92630	Third Party Advisory
http://www.securityfocus.com/bid/95568	Third Party Advisory
http://www.securitytracker.com/id/1036696	Third Party Advisory
http://www.splunk.com/view/SP-CAAAPSV	Third Party Advisory
http://www.splunk.com/view/SP-CAAAPUE	Third Party Advisory
https://access.redhat.com/security/cve/cve-2016-2183	Third Party Advisory
https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls	Media Coverage
https://bto.bluecoat.com/security-advisory/sa133	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849	Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02	Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10171	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10186	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10197	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10215	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10310	Third Party Advisory
https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack	Media Coverage
https://nodejs.org/en/blog/vulnerability/september-2016-security-releases	Third Party Advisory
https://seclists.org/bugtraq/2018/Nov/21	Mailing List
https://security.netapp.com/advisory/ntap-20160915-0001	Third Party Advisory
https://security.netapp.com/advisory/ntap-20170119-0001	Third Party Advisory
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613	Third Party Advisory
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178	Third Party Advisory
https://support.f5.com/csp/article/K13167034	Third Party Advisory
https://sweet32.info	Technical Description
https://wiki.opendaylight.org/view/Security_Advisories	Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24	Third Party Advisory
https://www.ietf.org/mail-archive/web/tls/current/msg04560.html	Mailing List
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008	Third Party Advisory
https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish	Media Coverage
https://www.openssl.org/blog/blog/2016/08/24/sweet32	Media Coverage
https://www.oracle.com/security-alerts/cpuapr2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html	Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Third Party Advisory
https://www.sigsac.org/ccs/CCS2016/accepted-papers	Third Party Advisory
https://www.tenable.com/security/tns-2016-16	Third Party Advisory
https://www.tenable.com/security/tns-2016-20	Third Party Advisory
https://www.tenable.com/security/tns-2016-21	Third Party Advisory
https://www.tenable.com/security/tns-2017-09	Third Party Advisory
https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue	Third Party Advisory

URL	Date	SRC
https://www.exploit-db.com/exploits/42091	2024-08-05

URL	Date	SRC
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	2023-02-12
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	2023-02-12
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html	2023-02-12
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	2023-02-12
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	2023-02-12
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	2023-02-12

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html	2023-02-12
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html	2023-02-12
http://rhn.redhat.com/errata/RHSA-2017-0336.html	2023-02-12
http://rhn.redhat.com/errata/RHSA-2017-0337.html	2023-02-12
http://rhn.redhat.com/errata/RHSA-2017-0338.html	2023-02-12
http://rhn.redhat.com/errata/RHSA-2017-0462.html	2023-02-12
http://www.debian.org/security/2016/dsa-3673	2023-02-12
http://www.ubuntu.com/usn/USN-3087-1	2023-02-12
http://www.ubuntu.com/usn/USN-3087-2	2023-02-12
http://www.ubuntu.com/usn/USN-3179-1	2023-02-12
http://www.ubuntu.com/usn/USN-3194-1	2023-02-12
http://www.ubuntu.com/usn/USN-3198-1	2023-02-12
http://www.ubuntu.com/usn/USN-3270-1	2023-02-12
http://www.ubuntu.com/usn/USN-3372-1	2023-02-12
https://access.redhat.com/articles/2548661	2021-07-27
https://access.redhat.com/errata/RHSA-2017:1216	2023-02-12
https://access.redhat.com/errata/RHSA-2017:2708	2023-02-12
https://access.redhat.com/errata/RHSA-2017:2709	2023-02-12
https://access.redhat.com/errata/RHSA-2017:2710	2023-02-12
https://access.redhat.com/errata/RHSA-2017:3113	2023-02-12
https://access.redhat.com/errata/RHSA-2017:3114	2023-02-12
https://access.redhat.com/errata/RHSA-2017:3239	2023-02-12
https://access.redhat.com/errata/RHSA-2017:3240	2023-02-12
https://access.redhat.com/errata/RHSA-2018:2123	2023-02-12
https://access.redhat.com/errata/RHSA-2019:1245	2023-02-12
https://access.redhat.com/errata/RHSA-2019:2859	2023-02-12
https://access.redhat.com/errata/RHSA-2020:0451	2023-02-12
https://bugzilla.redhat.com/show_bug.cgi?id=1369383	2021-07-27
https://security.gentoo.org/glsa/201612-16	2023-02-12
https://security.gentoo.org/glsa/201701-65	2023-02-12
https://security.gentoo.org/glsa/201707-01	2023-02-12
https://access.redhat.com/security/cve/CVE-2016-2183	2021-07-27
https://access.redhat.com/errata/RHSA-2016:1940	2021-07-27

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform"				6.0.0 Search vendor "Redhat" for product "Jboss Enterprise Application Platform" and version "6.0.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Web Server Search vendor "Redhat" for product "Jboss Enterprise Web Server"				1.0.0 Search vendor "Redhat" for product "Jboss Enterprise Web Server" and version "1.0.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Enterprise Web Server Search vendor "Redhat" for product "Jboss Enterprise Web Server"				2.0.0 Search vendor "Redhat" for product "Jboss Enterprise Web Server" and version "2.0.0"		-		Affected
Redhat Search vendor "Redhat"		Jboss Web Server Search vendor "Redhat" for product "Jboss Web Server"				3.0 Search vendor "Redhat" for product "Jboss Web Server" and version "3.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				5.0 Search vendor "Redhat" for product "Enterprise Linux" and version "5.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"				7.0 Search vendor "Redhat" for product "Enterprise Linux" and version "7.0"		-		Affected
Python Search vendor "Python"		Python Search vendor "Python" for product "Python"				>= 2.7.0 < 2.7.13 Search vendor "Python" for product "Python" and version " >= 2.7.0 < 2.7.13"		-		Affected
Python Search vendor "Python"		Python Search vendor "Python" for product "Python"				>= 3.4.0 < 3.4.7 Search vendor "Python" for product "Python" and version " >= 3.4.0 < 3.4.7"		-		Affected
Python Search vendor "Python"		Python Search vendor "Python" for product "Python"				>= 3.5.0 < 3.5.3 Search vendor "Python" for product "Python" and version " >= 3.5.0 < 3.5.3"		-		Affected
Cisco Search vendor "Cisco"		Content Security Management Appliance Search vendor "Cisco" for product "Content Security Management Appliance"				9.6.6-068 Search vendor "Cisco" for product "Content Security Management Appliance" and version "9.6.6-068"		-		Affected
Cisco Search vendor "Cisco"		Content Security Management Appliance Search vendor "Cisco" for product "Content Security Management Appliance"				9.7.0-006 Search vendor "Cisco" for product "Content Security Management Appliance" and version "9.7.0-006"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1a Search vendor "Openssl" for product "Openssl" and version "1.0.1a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1b Search vendor "Openssl" for product "Openssl" and version "1.0.1b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1c Search vendor "Openssl" for product "Openssl" and version "1.0.1c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1d Search vendor "Openssl" for product "Openssl" and version "1.0.1d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1e Search vendor "Openssl" for product "Openssl" and version "1.0.1e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1f Search vendor "Openssl" for product "Openssl" and version "1.0.1f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1g Search vendor "Openssl" for product "Openssl" and version "1.0.1g"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1h Search vendor "Openssl" for product "Openssl" and version "1.0.1h"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1i Search vendor "Openssl" for product "Openssl" and version "1.0.1i"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1j Search vendor "Openssl" for product "Openssl" and version "1.0.1j"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1k Search vendor "Openssl" for product "Openssl" and version "1.0.1k"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1l Search vendor "Openssl" for product "Openssl" and version "1.0.1l"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1m Search vendor "Openssl" for product "Openssl" and version "1.0.1m"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1n Search vendor "Openssl" for product "Openssl" and version "1.0.1n"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1o Search vendor "Openssl" for product "Openssl" and version "1.0.1o"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1p Search vendor "Openssl" for product "Openssl" and version "1.0.1p"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1q Search vendor "Openssl" for product "Openssl" and version "1.0.1q"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1r Search vendor "Openssl" for product "Openssl" and version "1.0.1r"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1t Search vendor "Openssl" for product "Openssl" and version "1.0.1t"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2a Search vendor "Openssl" for product "Openssl" and version "1.0.2a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2b Search vendor "Openssl" for product "Openssl" and version "1.0.2b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2c Search vendor "Openssl" for product "Openssl" and version "1.0.2c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2d Search vendor "Openssl" for product "Openssl" and version "1.0.2d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2e Search vendor "Openssl" for product "Openssl" and version "1.0.2e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2f Search vendor "Openssl" for product "Openssl" and version "1.0.2f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.2h Search vendor "Openssl" for product "Openssl" and version "1.0.2h"		-		Affected
Oracle Search vendor "Oracle"		Database Search vendor "Oracle" for product "Database"				11.2.0.4 Search vendor "Oracle" for product "Database" and version "11.2.0.4"		-		Affected
Oracle Search vendor "Oracle"		Database Search vendor "Oracle" for product "Database"				12.1.0.2 Search vendor "Oracle" for product "Database" and version "12.1.0.2"		-		Affected
Nodejs Search vendor "Nodejs"		Node.js Search vendor "Nodejs" for product "Node.js"				>= 0.10.0 < 0.10.47 Search vendor "Nodejs" for product "Node.js" and version " >= 0.10.0 < 0.10.47"		-		Affected
Nodejs Search vendor "Nodejs"		Node.js Search vendor "Nodejs" for product "Node.js"				>= 0.12.0 < 0.12.16 Search vendor "Nodejs" for product "Node.js" and version " >= 0.12.0 < 0.12.16"		-		Affected
Nodejs Search vendor "Nodejs"		Node.js Search vendor "Nodejs" for product "Node.js"				>= 4.0.0 < 4.1.2 Search vendor "Nodejs" for product "Node.js" and version " >= 4.0.0 < 4.1.2"		-		Affected
Nodejs Search vendor "Nodejs"		Node.js Search vendor "Nodejs" for product "Node.js"				>= 4.2.0 < 4.6.0 Search vendor "Nodejs" for product "Node.js" and version " >= 4.2.0 < 4.6.0"		lts		Affected
Nodejs Search vendor "Nodejs"		Node.js Search vendor "Nodejs" for product "Node.js"				>= 6.0.0 < 6.7.0 Search vendor "Nodejs" for product "Node.js" and version " >= 6.0.0 < 6.7.0"		-		Affected