CVE-2015-2927

CWE-399CWE-416 โ€” Use After Free7 documents5 sources
Severity
6.5MEDIUM
EPSS
0.6%
top 29.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Uronode URO NodeDebian Debian LinuxNodejs Node.js
Timeline
PublishedSep 20
Latest updateMay 13

Description

node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

โ–ถNVDuronode/uro_node1.0.5
โ–ถNVDnodejs/node.js0.3.2

Also affects: Debian Linux 8.0, 9.0

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-7c2w-7whc-jvcc: node 0โ†—2022-05-13
โ–ถ
CVEList
CVE-2015-2927: node 0โ†—2017-09-20
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
webkitgtk: use-after-free in the HTMLFormElement::prepareForSubmission() (WSA-2015-0001)โ†—2015-01-26
โ–ถ

๐Ÿ’ฌCommunity

3
Bugzilla
CVE-2015-2927 node: denial of service due to incorrect SIGQUITโ†—2015-04-08
โ–ถ
Bugzilla
CVE-2015-2927 node: SIGQUIT fails [fedora-all]โ†—2015-04-06
โ–ถ
Bugzilla
CVE-2013-2927 webkitgtk: use-after-free in the HTMLFormElement::prepareForSubmission() (WSA-2015-0001)โ†—2015-01-27
โ–ถ
CVE-2015-2927 (MEDIUM CVSS 6.5) | node 0.3.2 and URONode before 1.0.5 | cvebase.io