The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Node Core

Node Core: code execution via DNS Rebinding Localhost6
An attacker can use a vulnerability via DNS Rebinding Localhost6 of Node Core, in order to run code...
CVE-2021-22884, DSA-4863-1, FEDORA-2021-a760169c3c, FEDORA-2021-f6bd75e9d4, openSUSE-SU-2021:0356-1, openSUSE-SU-2021:0357-1, openSUSE-SU-2021:0372-1, openSUSE-SU-2021:0389-1, RHSA-2021:0734-01, RHSA-2021:0735-01, RHSA-2021:0738-01, RHSA-2021:0739-01, RHSA-2021:0740-01, RHSA-2021:0741-01, RHSA-2021:0744-01, RHSA-2021:0827-01, RHSA-2021:0830-01, RHSA-2021:0831-01, SUSE-SU-2021:0648-1, SUSE-SU-2021:0649-1, SUSE-SU-2021:0650-1, SUSE-SU-2021:0651-1, SUSE-SU-2021:0673-1, SUSE-SU-2021:0674-1, SUSE-SU-2021:0686-1, VIGILANCE-VUL-34655
OpenSSL: buffer overflow via EVP_XUpdate
An attacker can trigger a buffer overflow via EVP_XUpdate of OpenSSL, in order to trigger a denial of service, and possibly to run code...
6429603, 6443405, 6445489, CERTFR-2021-AVI-124, CERTFR-2021-AVI-187, cpuapr2021, CVE-2021-23840, DLA-2563-1, DLA-2565-1, DSA-4855-1, openSUSE-SU-2021:0357-1, openSUSE-SU-2021:0372-1, openSUSE-SU-2021:0427-1, openSUSE-SU-2021:0430-1, STORM-2021-002, SUSE-SU-2021:0649-1, SUSE-SU-2021:0651-1, SUSE-SU-2021:0673-1, SUSE-SU-2021:0674-1, SUSE-SU-2021:0725-1, SUSE-SU-2021:0752-1, SUSE-SU-2021:0753-1, SUSE-SU-2021:0754-1, SUSE-SU-2021:0755-1, SUSE-SU-2021:0769-1, SUSE-SU-2021:0793-1, SUSE-SU-2021:0939-1, SUSE-SU-2021:14667-1, SUSE-SU-2021:14670-1, SYMSA17570, USN-4738-1, VIGILANCE-VUL-34597
Node Core: read-write access via HTTP Request Smuggling
An attacker can bypass access restrictions via HTTP Request Smuggling of Node Core, in order to read or alter data...
6440625, 6446767, CVE-2020-8287, DSA-4826-1, FEDORA-2021-d5b2c18fe6, FEDORA-2021-fb1a136393, openSUSE-SU-2021:0064-1, openSUSE-SU-2021:0065-1, openSUSE-SU-2021:0066-1, openSUSE-SU-2021:0082-1, openSUSE-SU-2021:0195-1, RHSA-2021:0421-01, RHSA-2021:0485-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0549-01, RHSA-2021:0551-01, SUSE-SU-2021:0060-1, SUSE-SU-2021:0061-1, SUSE-SU-2021:0062-1, SUSE-SU-2021:0068-1, SUSE-SU-2021:0082-1, SUSE-SU-2021:0107-1, SUSE-SU-2021:0121-1, SUSE-SU-2021:0224-1, VIGILANCE-VUL-34242
Node.js y18n: privilege escalation via Prototype Pollution
An attacker can bypass restrictions via Prototype Pollution of Node.js y18n, in order to escalate his privileges...
CVE-2020-7774, FEDORA-2021-c11da301be, FEDORA-2021-d934acdb42, RHSA-2020:5305-01, RHSA-2020:5499-01, RHSA-2021:0421-01, RHSA-2021:0521-01, RHSA-2021:0548-01, RHSA-2021:0551-01, VIGILANCE-VUL-34015
Node Core: denial of service via Numerous DNS Responses
An attacker can trigger a fatal error via Numerous DNS Responses of Node Core, in order to trigger a denial of service...
6410882, 6420355, 6426699, CERTFR-2021-AVI-101, CERTFR-2021-AVI-146, cpuapr2021, CVE-2020-8277, FEDORA-2020-307e873389, FEDORA-2020-7473744de1, K07944249, openSUSE-SU-2020:2045-1, openSUSE-SU-2020:2092-1, openSUSE-SU-2021:0064-1, openSUSE-SU-2021:0066-1, RHSA-2020:5305-01, RHSA-2020:5499-01, RHSA-2021:0421-01, RHSA-2021:0551-01, SUSE-SU-2020:3478-1, SUSE-SU-2020:3549-1, SUSE-SU-2021:0061-1, SUSE-SU-2021:0062-1, USN-4638-1, VIGILANCE-VUL-33903
Node Core: information disclosure via CR-to-Hyphen HTTP Request Smuggling
An attacker can bypass access restrictions to data via CR-to-Hyphen HTTP Request Smuggling of Node Core, in order to obtain sensitive information...
6367943, 6410494, CERTFR-2020-AVI-680, CVE-2020-8201, FEDORA-2020-43d5a372fc, FEDORA-2020-74bf23e1f1, FEDORA-2020-c605353480, FEDORA-2020-eb942ee0db, openSUSE-SU-2020:1616-1, RHSA-2020:4272-01, RHSA-2020:4903-01, RHSA-2020:5086-01, STORM-2020-027, STORM-2020-028, SUSE-SU-2020:2812-1, SUSE-SU-2020:2813-1, VIGILANCE-VUL-33334
Node Core: buffer overflow via fs.realpath.native
An attacker can trigger a buffer overflow via fs.realpath.native of Node Core, in order to trigger a denial of service, and possibly to run code...
6367943, 6410494, CERTFR-2020-AVI-680, CVE-2020-8252, FEDORA-2020-43d5a372fc, FEDORA-2020-74bf23e1f1, FEDORA-2020-c605353480, FEDORA-2020-eb942ee0db, openSUSE-SU-2020:1616-1, openSUSE-SU-2020:1660-1, RHSA-2020:4272-01, RHSA-2020:4903-01, RHSA-2020:5086-01, RHSA-2021:0521-01, RHSA-2021:0548-01, STORM-2020-027, STORM-2020-028, SUSE-SU-2020:2812-1, SUSE-SU-2020:2813-1, SUSE-SU-2020:2823-1, SUSE-SU-2020:2830-1, USN-4548-1, VIGILANCE-VUL-33333
Node Core: three vulnerabilities
An attacker can use several vulnerabilities of Node Core...
6409294, 6410488, bulletinjul2020, cpujan2021, cpuoct2020, CVE-2020-11080-ERROR, CVE-2020-8172, CVE-2020-8174, DSA-4696-1, FEDORA-2020-43d5a372fc, FEDORA-2020-754b711a58, FEDORA-2020-fed59ab473, openSUSE-SU-2020:0802-1, PROJ-ZERO-2019, RHSA-2020:2847-01, RHSA-2020:2848-01, RHSA-2020:2849-01, RHSA-2020:2852-01, RHSA-2020:2895-01, RHSA-2020:3042-01, RHSA-2020:3084-01, SUSE-SU-2020:1623-1, SUSE-SU-2020:2800-1, VIGILANCE-VUL-32395
OpenSSL: NULL pointer dereference via SSL_check_chain
An attacker can force a NULL pointer to be dereferenced via SSL_check_chain() of OpenSSL, in order to trigger a denial of service...
6235728, 6409294, bulletinjul2020, CERTFR-2020-AVI-235, cpujul2020, cpuoct2020, CVE-2020-1967, DSA-4661-1, FreeBSD-SA-20:11.openssl, JSA11074, openSUSE-SU-2020:0933-1, openSUSE-SU-2020:0945-1, SUSE-SU-2020:1058-1, SUSE-SU-2020:2041-1, VIGILANCE-VUL-32076
ICU: integer overflow via UnicodeString-doAppend
An attacker can trigger an integer overflow via UnicodeString::doAppend() of ICU, in order to trigger a denial of service, and possibly to run code...
bulletinoct2020, CVE-2020-10531, DLA-2151-1, DSA-4646-1, FEDORA-2020-39e0b8bd14, FEDORA-2020-43d5a372fc, JSA11174, JSA11176, openSUSE-SU-2020:0459-1, RHSA-2020:0896-01, RHSA-2020:0897-01, RHSA-2020:0901-01, RHSA-2020:0902-01, RHSA-2020:1293-01, RHSA-2020:1317-01, RHSA-2020:1343-01, RHSA-2020:2895-01, RHSA-2020:3084-01, SUSE-SU-2020:1180-1, USN-4305-1, VIGILANCE-VUL-31815
Our database contains other pages. You can request a free trial to read them.

Display information about Node Core: