exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 064

openSUSE-SU-2021:1168-1

больше 4 лет назад

Security update for c-ares

EPSS: Низкий

openSUSE-SU-2020:0459-1

почти 6 лет назад

Security update for icu

EPSS: Низкий

SUSE-SU-2021:2760-1

больше 4 лет назад

Security update for c-ares

EPSS: Низкий

SUSE-SU-2021:2690-1

больше 4 лет назад

Security update for libcares2

EPSS: Низкий

SUSE-SU-2021:14776-1

больше 4 лет назад

Security update for libcares2

EPSS: Низкий

SUSE-SU-2020:1180-1

почти 6 лет назад

Security update for icu

EPSS: Низкий

SUSE-SU-2020:0819-2

больше 5 лет назад

Security update for icu

EPSS: Низкий

SUSE-SU-2020:0819-1

почти 6 лет назад

Security update for icu

EPSS: Низкий

SUSE-OU-2024:0647-1

почти 2 года назад

Optional update for icu

EPSS: Низкий

RLSA-2022:2043

больше 3 лет назад

Moderate: c-ares security update

EPSS: Низкий

RLSA-2020:1317

почти 6 лет назад

Important: nodejs:10 security update

EPSS: Низкий

RLSA-2020:1293

почти 6 лет назад

Important: nodejs:12 security update

EPSS: Низкий

RLSA-2020:0902

почти 6 лет назад

Important: icu security update

EPSS: Низкий

GHSA-hghm-3vc3-hppj

больше 3 лет назад

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

CVSS3: 5.6

EPSS: Низкий

GHSA-8xp2-qvq2-xhpx

больше 3 лет назад

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

CVSS3: 8.8

EPSS: Низкий

GHSA-5689-v88g-g6rv

больше 3 лет назад

llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding

CVSS3: 9.1

EPSS: Высокий

GHSA-5492-mr68-4m2h

больше 3 лет назад

The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

CVSS3: 9.1

EPSS: Высокий

GHSA-4p8g-wmmc-p9f7

больше 3 лет назад

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVSS3: 7.5

EPSS: Низкий

CVE-2022-32215

больше 3 лет назад

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

CVSS3: 6.5

EPSS: Высокий

CVE-2022-32215

больше 3 лет назад

The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).

CVSS3: 6.5

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
openSUSE-SU-2021:1168-1 Security update for c-ares		0% Низкий	больше 4 лет назад
openSUSE-SU-2020:0459-1 Security update for icu		1% Низкий	почти 6 лет назад
SUSE-SU-2021:2760-1 Security update for c-ares		0% Низкий	больше 4 лет назад
SUSE-SU-2021:2690-1 Security update for libcares2		0% Низкий	больше 4 лет назад
SUSE-SU-2021:14776-1 Security update for libcares2		0% Низкий	больше 4 лет назад
SUSE-SU-2020:1180-1 Security update for icu		1% Низкий	почти 6 лет назад
SUSE-SU-2020:0819-2 Security update for icu		1% Низкий	больше 5 лет назад
SUSE-SU-2020:0819-1 Security update for icu		1% Низкий	почти 6 лет назад
SUSE-OU-2024:0647-1 Optional update for icu		1% Низкий	почти 2 года назад
RLSA-2022:2043 Moderate: c-ares security update		0% Низкий	больше 3 лет назад
RLSA-2020:1317 Important: nodejs:10 security update		1% Низкий	почти 6 лет назад
RLSA-2020:1293 Important: nodejs:12 security update		1% Низкий	почти 6 лет назад
RLSA-2020:0902 Important: icu security update		1% Низкий	почти 6 лет назад
GHSA-hghm-3vc3-hppj A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.	CVSS3: 5.6	0% Низкий	больше 3 лет назад
GHSA-8xp2-qvq2-xhpx An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.	CVSS3: 8.8	1% Низкий	больше 3 лет назад
GHSA-5689-v88g-g6rv llhttp allows HTTP Request Smuggling via Flawed Parsing of Transfer-Encoding	CVSS3: 9.1	89% Высокий	больше 3 лет назад
GHSA-5492-mr68-4m2h The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).	CVSS3: 9.1	88% Высокий	больше 3 лет назад
GHSA-4p8g-wmmc-p9f7 Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate	CVSS3: 7.5	5% Низкий	больше 3 лет назад
CVE-2022-32215 The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).	CVSS3: 6.5	88% Высокий	больше 3 лет назад
CVE-2022-32215 The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS).	CVSS3: 6.5	88% Высокий	больше 3 лет назад

Уязвимостей на страницу