Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-15897

Опубликовано: 11 дек. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 3.1

Описание

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

8.10.0~dfsg-2
devel

not-affected

8.11.2~dfsg-1
esm-apps/bionic

not-affected

8.10.0~dfsg-2
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

not-affected

code not present
upstream

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 61%
0.00425
Низкий

4.3 Medium

CVSS2

3.1 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-15897

CVSS3: 3.7
redhat
больше 7 лет назад

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

nvd логотип

CVE-2017-15897

CVSS3: 3.1
nvd
больше 7 лет назад

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

debian логотип

CVE-2017-15897

CVSS3: 3.1
debian
больше 7 лет назад

Node.js had a bug in versions 8.X and 9.X which caused buffers to not ...

github логотип

GHSA-f2j2-5fh3-4jrr

CVSS3: 3.1
github
около 3 лет назад

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

suse-cvrf логотип

SUSE-SU-2019:14246-1

suse-cvrf
больше 5 лет назад

Security update for Mozilla Firefox

EPSS

Процентиль: 61%
0.00425
Низкий

4.3 Medium

CVSS2

3.1 Low

CVSS3