Логотип exploitDog
bind:"CVE-2025-22150" OR bind:"CVE-2025-23085"
Консоль
Логотип exploitDog

exploitDog

bind:"CVE-2025-22150" OR bind:"CVE-2025-23085"

Количество 31

Количество 31

msrc логотип

CVE-2025-22150

12 месяцев назад

Undici Uses Insufficiently Random Values

CVSS3: 6.8
EPSS: Низкий
debian логотип

CVE-2025-22150

около 1 года назад

Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to v ...

CVSS3: 6.8
EPSS: Низкий
ubuntu логотип

CVE-2025-23085

около 1 года назад

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
EPSS: Низкий
redhat логотип

CVE-2025-23085

около 1 года назад

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
EPSS: Низкий
nvd логотип

CVE-2025-23085

около 1 года назад

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
EPSS: Низкий
msrc логотип

CVE-2025-23085

12 месяцев назад

CVSS3: 5.3
EPSS: Низкий
debian логотип

CVE-2025-23085

около 1 года назад

A memory leak could occur when a remote peer abruptly closes the socke ...

CVSS3: 5.3
EPSS: Низкий
github логотип

GHSA-c76h-2ccp-4975

около 1 года назад

Use of Insufficiently Random Values in undici

CVSS3: 6.8
EPSS: Низкий
github логотип

GHSA-qv9x-c8c9-rpr8

около 1 года назад

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
EPSS: Низкий
fstec логотип

BDU:2025-02664

около 1 года назад

Уязвимость программной платформы Node.js, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.3
EPSS: Низкий
redos логотип

ROS-20250212-15

12 месяцев назад

Множественные уязвимости nodejs

CVSS3: 7.7
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
msrc логотип
CVE-2025-22150

Undici Uses Insufficiently Random Values

CVSS3: 6.8
0%
Низкий
12 месяцев назад
debian логотип
CVE-2025-22150

Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to v ...

CVSS3: 6.8
0%
Низкий
около 1 года назад
ubuntu логотип
CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
0%
Низкий
около 1 года назад
redhat логотип
CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
0%
Низкий
около 1 года назад
nvd логотип
CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
0%
Низкий
около 1 года назад
msrc логотип
CVSS3: 5.3
0%
Низкий
12 месяцев назад
debian логотип
CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socke ...

CVSS3: 5.3
0%
Низкий
около 1 года назад
github логотип
GHSA-c76h-2ccp-4975

Use of Insufficiently Random Values in undici

CVSS3: 6.8
0%
Низкий
около 1 года назад
github логотип
GHSA-qv9x-c8c9-rpr8

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.

CVSS3: 5.3
0%
Низкий
около 1 года назад
fstec логотип
BDU:2025-02664

Уязвимость программной платформы Node.js, связанная с отсутствием освобождения памяти после эффективного срока службы, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.3
0%
Низкий
около 1 года назад
redos логотип
ROS-20250212-15

Множественные уязвимости nodejs

CVSS3: 7.7
12 месяцев назад

Уязвимостей на страницу