Описание
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-8172
- https://hackerone.com/reports/811502
- https://nodejs.org/en/blog/vulnerability/june-2020-security-releases
- https://security.gentoo.org/glsa/202101-07
- https://security.netapp.com/advisory/ntap-20200625-0002
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2021.html
- https://www.oracle.com/security-alerts/cpujul2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
Связанные уязвимости
CVSS3: 7.4
ubuntu
около 5 лет назад
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
CVSS3: 7.4
redhat
около 5 лет назад
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
CVSS3: 7.4
nvd
около 5 лет назад
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
CVSS3: 7.4
debian
около 5 лет назад
TLS session reuse can lead to host certificate verification bypass in ...
CVSS3: 7.4
fstec
больше 5 лет назад
Уязвимость реализации протокола TLS программной платформы Node.js, позволяющая нарушителю реализовать атаку типа «человек посередине»