Количество 22
Количество 22
CVE-2020-8265
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
CVE-2020-8265
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
CVE-2020-8265
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
CVE-2020-8265
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerab ...
GHSA-879w-9vpf-9pw9
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
BDU:2021-00883
Уязвимость реализации метода DoWrite программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
SUSE-SU-2021:0107-1
Security update for nodejs14
openSUSE-SU-2021:0082-1
Security update for nodejs10
openSUSE-SU-2021:0066-1
Security update for nodejs14
openSUSE-SU-2021:0065-1
Security update for nodejs10
SUSE-SU-2021:0082-1
Security update for nodejs10
SUSE-SU-2021:0068-1
Security update for nodejs12
SUSE-SU-2021:0061-1
Security update for nodejs14
SUSE-SU-2021:0060-1
Security update for nodejs10
openSUSE-SU-2021:0064-1
Security update for nodejs12
SUSE-SU-2021:0062-1
Security update for nodejs12
ELSA-2021-0549
ELSA-2021-0549: nodejs:12 security update (MODERATE)
RLSA-2021:0551
Moderate: nodejs:14 security and bug fix update
RLSA-2021:0549
Moderate: nodejs:12 security update
ELSA-2021-0551
ELSA-2021-0551: nodejs:14 security and bug fix update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-8265 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. | CVSS3: 8.1 | 1% Низкий | почти 5 лет назад |
 | CVE-2020-8265 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. | CVSS3: 8.1 | 1% Низкий | почти 5 лет назад |
 | CVE-2020-8265 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. | CVSS3: 8.1 | 1% Низкий | почти 5 лет назад |
| CVE-2020-8265 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerab ... | CVSS3: 8.1 | 1% Низкий | почти 5 лет назад |
| GHSA-879w-9vpf-9pw9 Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. | CVSS3: 8.1 | 1% Низкий | больше 3 лет назад |
 | BDU:2021-00883 Уязвимость реализации метода DoWrite программной платформы Node.js, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие | CVSS3: 8.1 | 1% Низкий | почти 5 лет назад |
 | SUSE-SU-2021:0107-1 Security update for nodejs14 | почти 5 лет назад | ||
| openSUSE-SU-2021:0082-1 Security update for nodejs10 | почти 5 лет назад | ||
| openSUSE-SU-2021:0066-1 Security update for nodejs14 | почти 5 лет назад | ||
| openSUSE-SU-2021:0065-1 Security update for nodejs10 | почти 5 лет назад | ||
| SUSE-SU-2021:0082-1 Security update for nodejs10 | почти 5 лет назад | ||
| SUSE-SU-2021:0068-1 Security update for nodejs12 | почти 5 лет назад | ||
| SUSE-SU-2021:0061-1 Security update for nodejs14 | почти 5 лет назад | ||
| SUSE-SU-2021:0060-1 Security update for nodejs10 | почти 5 лет назад | ||
| openSUSE-SU-2021:0064-1 Security update for nodejs12 | почти 5 лет назад | ||
| SUSE-SU-2021:0062-1 Security update for nodejs12 | почти 5 лет назад | ||
| ELSA-2021-0549 ELSA-2021-0549: nodejs:12 security update (MODERATE) | почти 5 лет назад | ||
 | RLSA-2021:0551 Moderate: nodejs:14 security and bug fix update | почти 5 лет назад | ||
| RLSA-2021:0549 Moderate: nodejs:12 security update | почти 5 лет назад | ||
| ELSA-2021-0551 ELSA-2021-0551: nodejs:14 security and bug fix update (MODERATE) | почти 5 лет назад |
Уязвимостей на страницу