exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 17

CVE-2021-44533

больше 3 лет назад

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

больше 3 лет назад

CVSS3: 7.4

EPSS: Низкий

CVE-2021-44533

больше 3 лет назад

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

больше 3 лет назад

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

больше 3 лет назад

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle m ...

CVSS3: 5.3

EPSS: Низкий

BDU:2022-00751

больше 3 лет назад

Уязвимость компонента Relative Distinguished Name (RDN) программной платформы Node.js, позволяющая нарушителю проводить спуфинг-атаки

CVSS3: 7.4

EPSS: Низкий

openSUSE-SU-2022:0113-1

больше 3 лет назад

Security update for nodejs12

EPSS: Низкий

openSUSE-SU-2022:0112-1

больше 3 лет назад

Security update for nodejs14

EPSS: Низкий

SUSE-SU-2022:0114-1

больше 3 лет назад

Security update for nodejs14

EPSS: Низкий

SUSE-SU-2022:0113-1

больше 3 лет назад

Security update for nodejs12

EPSS: Низкий

SUSE-SU-2022:0112-1

больше 3 лет назад

Security update for nodejs14

EPSS: Низкий

RLSA-2022:7830

больше 2 лет назад

Moderate: nodejs:14 security update

EPSS: Низкий

ELSA-2022-7830

больше 2 лет назад

ELSA-2022-7830: nodejs:14 security update (MODERATE)

EPSS: Низкий

RLSA-2022:9073

больше 2 лет назад

Moderate: nodejs:16 security, bug fix, and enhancement update

EPSS: Низкий

ELSA-2022-9073-1

больше 2 лет назад

ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE)

EPSS: Низкий

ROS-20220125-10

больше 3 лет назад

Уязвимость программной платформы Node.js

EPSS: Низкий

SUSE-SU-2022:0101-1

больше 3 лет назад

Security update for nodejs12

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 5.3	0% Низкий	больше 3 лет назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 7.4	0% Низкий	больше 3 лет назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 5.3	0% Низкий	больше 3 лет назад
CVE-2021-44533	CVSS3: 5.3	0% Низкий	больше 3 лет назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle m ...	CVSS3: 5.3	0% Низкий	больше 3 лет назад
BDU:2022-00751 Уязвимость компонента Relative Distinguished Name (RDN) программной платформы Node.js, позволяющая нарушителю проводить спуфинг-атаки	CVSS3: 7.4		больше 3 лет назад
openSUSE-SU-2022:0113-1 Security update for nodejs12			больше 3 лет назад
openSUSE-SU-2022:0112-1 Security update for nodejs14			больше 3 лет назад
SUSE-SU-2022:0114-1 Security update for nodejs14			больше 3 лет назад
SUSE-SU-2022:0113-1 Security update for nodejs12			больше 3 лет назад
SUSE-SU-2022:0112-1 Security update for nodejs14			больше 3 лет назад
RLSA-2022:7830 Moderate: nodejs:14 security update			больше 2 лет назад
ELSA-2022-7830 ELSA-2022-7830: nodejs:14 security update (MODERATE)			больше 2 лет назад
RLSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update			больше 2 лет назад
ELSA-2022-9073-1 ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE)			больше 2 лет назад
ROS-20220125-10 Уязвимость программной платформы Node.js			больше 3 лет назад
SUSE-SU-2022:0101-1 Security update for nodejs12			больше 3 лет назад

Уязвимостей на страницу