Node.js — программная платформа, основанная на движке V8 (компилирующем JavaScript в машинный код)

Релизный цикл, информация об уязвимостях

Продукт: Node.js

Вендор: nodejs

График релизов

Недавние уязвимости Node.js

Количество 1 014

CVE-2019-15605

больше 5 лет назад

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

CVSS3: 9.8

EPSS: Средний

CVE-2019-15605

больше 5 лет назад

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...

CVSS3: 9.8

EPSS: Средний

CVE-2019-15604

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVSS3: 7.5

EPSS: Низкий

CVE-2019-15604

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...

CVSS3: 7.5

EPSS: Низкий

CVE-2019-15606

больше 5 лет назад

Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons

CVSS3: 9.8

EPSS: Низкий

CVE-2019-15604

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVSS3: 7.5

EPSS: Низкий

CVE-2019-15605

больше 5 лет назад

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

CVSS3: 9.8

EPSS: Средний

CVE-2019-15605

больше 5 лет назад

HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

CVSS3: 7.1

EPSS: Средний

CVE-2019-15604

больше 5 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVSS3: 5.9

EPSS: Низкий

CVE-2019-15606

больше 5 лет назад

Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons

CVSS3: 4.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
CVE-2019-15605 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed	CVSS3: 9.8	32% Средний	больше 5 лет назад
CVE-2019-15605 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...	CVSS3: 9.8	32% Средний	больше 5 лет назад
CVE-2019-15604 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate	CVSS3: 7.5	5% Низкий	больше 5 лет назад
CVE-2019-15604 Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...	CVSS3: 7.5	5% Низкий	больше 5 лет назад
CVE-2019-15606 Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons	CVSS3: 9.8	2% Низкий	больше 5 лет назад
CVE-2019-15604 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate	CVSS3: 7.5	5% Низкий	больше 5 лет назад
CVE-2019-15605 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed	CVSS3: 9.8	32% Средний	больше 5 лет назад
CVE-2019-15605 HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed	CVSS3: 7.1	32% Средний	больше 5 лет назад
CVE-2019-15604 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate	CVSS3: 5.9	5% Низкий	больше 5 лет назад
CVE-2019-15606 Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons	CVSS3: 4.8	2% Низкий	больше 5 лет назад

Уязвимостей на страницу