CVE-2019-15604

Опубликовано: 07 фев. 2020

Источник: debian

EPSS Низкий

Описание

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

Пакет	Статус	Версия исправления	Релиз	Тип
nodejs	fixed	10.19.0~dfsg-1		package
nodejs	ignored		stretch	package
nodejs	end-of-life		jessie	package

https://hackerone.com/reports/746733
https://github.com/nodejs/node/commit/f940bee3b7da865e28093472dee9ce664f273f6d (v10.19.0)

EPSS

Процентиль: 87%

0.03533

Низкий

CVE-2019-15604

CVSS3: 7.5

ubuntu

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVE-2019-15604

CVSS3: 5.9

redhat

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVE-2019-15604

CVSS3: 7.5

nvd

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

GHSA-4p8g-wmmc-p9f7

CVSS3: 7.5

github

около 3 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

openSUSE-SU-2020:0293-1

suse-cvrf

больше 5 лет назад

Security update for nodejs8

EPSS

Процентиль: 87%

0.03533

Низкий