exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 17

CVE-2021-44533

почти 4 года назад

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

почти 4 года назад

CVSS3: 7.4

EPSS: Низкий

CVE-2021-44533

почти 4 года назад

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

почти 4 года назад

CVSS3: 5.3

EPSS: Низкий

CVE-2021-44533

почти 4 года назад

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle m ...

CVSS3: 5.3

EPSS: Низкий

BDU:2022-00751

почти 4 года назад

Уязвимость компонента Relative Distinguished Name (RDN) программной платформы Node.js, позволяющая нарушителю проводить спуфинг-атаки

CVSS3: 7.4

EPSS: Низкий

openSUSE-SU-2022:0113-1

почти 4 года назад

Security update for nodejs12

EPSS: Низкий

openSUSE-SU-2022:0112-1

почти 4 года назад

Security update for nodejs14

EPSS: Низкий

SUSE-SU-2022:0114-1

почти 4 года назад

Security update for nodejs14

EPSS: Низкий

SUSE-SU-2022:0113-1

почти 4 года назад

Security update for nodejs12

EPSS: Низкий

SUSE-SU-2022:0112-1

почти 4 года назад

Security update for nodejs14

EPSS: Низкий

RLSA-2022:7830

около 3 лет назад

Moderate: nodejs:14 security update

EPSS: Низкий

ELSA-2022-7830

около 3 лет назад

ELSA-2022-7830: nodejs:14 security update (MODERATE)

EPSS: Низкий

RLSA-2022:9073

почти 3 года назад

Moderate: nodejs:16 security, bug fix, and enhancement update

EPSS: Низкий

ELSA-2022-9073-1

почти 3 года назад

ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE)

EPSS: Низкий

ROS-20220125-10

почти 4 года назад

Уязвимость программной платформы Node.js

EPSS: Низкий

SUSE-SU-2022:0101-1

почти 4 года назад

Security update for nodejs12

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 5.3	0% Низкий	почти 4 года назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 7.4	0% Низкий	почти 4 года назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.	CVSS3: 5.3	0% Низкий	почти 4 года назад
CVE-2021-44533	CVSS3: 5.3	0% Низкий	почти 4 года назад
CVE-2021-44533 Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle m ...	CVSS3: 5.3	0% Низкий	почти 4 года назад
BDU:2022-00751 Уязвимость компонента Relative Distinguished Name (RDN) программной платформы Node.js, позволяющая нарушителю проводить спуфинг-атаки	CVSS3: 7.4		почти 4 года назад
openSUSE-SU-2022:0113-1 Security update for nodejs12			почти 4 года назад
openSUSE-SU-2022:0112-1 Security update for nodejs14			почти 4 года назад
SUSE-SU-2022:0114-1 Security update for nodejs14			почти 4 года назад
SUSE-SU-2022:0113-1 Security update for nodejs12			почти 4 года назад
SUSE-SU-2022:0112-1 Security update for nodejs14			почти 4 года назад
RLSA-2022:7830 Moderate: nodejs:14 security update			около 3 лет назад
ELSA-2022-7830 ELSA-2022-7830: nodejs:14 security update (MODERATE)			около 3 лет назад
RLSA-2022:9073 Moderate: nodejs:16 security, bug fix, and enhancement update			почти 3 года назад
ELSA-2022-9073-1 ELSA-2022-9073-1: nodejs:16 security, bug fix, and enhancement update (MODERATE)			почти 3 года назад
ROS-20220125-10 Уязвимость программной платформы Node.js			почти 4 года назад
SUSE-SU-2022:0101-1 Security update for nodejs12			почти 4 года назад

Уязвимостей на страницу