Nodejs Node.Js vulnerabilities

162 known vulnerabilities affecting nodejs/node.js.

Total CVEs: 162
CISA KEV: 1 (actively exploited)
Public exploits: 5
Exploited in wild: 1
Severity breakdown: CRITICAL 18, HIGH 96, MEDIUM 47, LOW 1

Vulnerabilities

Page 6 of 9
CVE-2018-12115 | HIGH | CVSS 7.5 | fixed in 6.14.4; ≥ 8.0.0, < 8.11.4; +1 more | 2018-08-21
CVE-2018-12115 [HIGH] CWE-787: In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. Writes that start from the second-to-last position of a buffer cause a miscalculation
nvd
CVE-2018-7164 | HIGH | CVSS 7.5 | ≥ 9.7.0, < 9.11.2; ≥ 10.0.0, < 10.4.1 | 2018-06-13
CVE-2018-7164 [HIGH] CWE-400: Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this to cause a denial of service by sending tiny chunks of data in short succession. This vulnerab
nvd
CVE-2018-7161 | HIGH | CVSS 7.5 | ≥ 8.0.0, ≤ 8.8.1; ≥ 8.9.0, < 8.11.3; +2 more | 2018-06-13
CVE-2018-7161 [HIGH] CWE-20: All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer
nvd
CVE-2018-7162 | HIGH | CVSS 7.5 | ≥ 9.0.0, < 9.11.2; ≥ 10.0.0, < 10.4.1 | 2018-06-13
CVE-2018-7162 [HIGH] CWE-20: All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpected messages during the handshake. This vulnerability has been addressed by updating the T
nvd
CVE-2018-7167 | HIGH | CVSS 7.5 | fixed in 6.14.3; ≥ 8.9.0, < 8.11.3; +1 more | 2018-06-13
CVE-2018-7167 [HIGH] CWE-119: Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), an
nvd
CVE-2018-0732 | HIGH | CVSS 7.5 | ≥ 6.0.0, < 6.8.1; ≥ 6.9.0, < 6.14.4; +3 more | 2018-06-12
CVE-2018-0732 [HIGH] CWE-320: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed
nvd
CVE-2017-16024 | MEDIUM | CVSS 6.5 | fixed in 0.11.9 | 2018-06-04
CVE-2017-16024 [MEDIUM] CWE-377: The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists.
nvd
CVE-2018-7160 | HIGH | CVSS 8.8 | ≥ 6.0.0, ≤ 6.8.1; ≥ 6.9.0, < 6.14.0; +3 more | 2018-05-17
CVE-2018-7160 [HIGH] CWE-350: The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebin
nvd
CVE-2018-7158 | HIGH | CVSS 7.5 | ≥ 4.0.0, ≤ 4.1.2; ≥ 4.2.0, ≤ 4.9.1 | 2018-05-17
CVE-2018-7158 [HIGH] CWE-185: The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The regular expression, `splitPathRe`, used within the `'path'` module for the various path parsing functi
nvd
CVE-2018-7159 | MEDIUM | CVSS 5.3 | ≥ 4.0.0, ≤ 4.1.2; ≥ 4.2.0, < 4.9.0; +5 more | 2018-05-17
CVE-2018-7159 [MEDIUM] CWE-115: The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference.
nvd
CVE-2017-15896 | CRITICAL | CVSS 9.1 | ≥ 4.0.0, ≤ 4.1.2; ≥ 4.2.0, < 4.8.7; +5 more | 2017-12-11
CVE-2017-15896 [CRITICAL]: Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
nvd
CVE-2017-15897 | LOW | CVSS 3.1 | ≥ 8.0.0, ≤ 8.8.1; ≥ 8.9.0, < 8.9.3; +1 more | 2017-12-11
CVE-2017-15897 [LOW] CWE-665: Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.
nvd
CVE-2017-3738 | MEDIUM | CVSS 5.9 | ≥ 4.0.0, ≤ 4.1.2; ≥ 4.2.0, < 4.8.7; +5 more | 2017-12-07
CVE-2017-3738 [MEDIUM]: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of t
nvd
CVE-2017-14919 | HIGH | CVSS 7.5 | v4.8.2; v4.8.3; +21 more | 2017-10-30
CVE-2017-14919 [HIGH] CWE-20: Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.
nvd
CVE-2014-3744 | HIGH | CVSS 7.5 | PoC | ≤ 0.2.4 | 2017-10-23
CVE-2014-3744 [HIGH] CWE-22: Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.
nvd
CVE-2015-7384 | HIGH | CVSS 7.5 | v4.0.0; v4.1.0; +1 more | 2017-10-10
CVE-2015-7384 [HIGH] CWE-400: Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service.
nvd
CVE-2017-14849 | HIGH | CVSS 7.5 | PoC | v8.5.0 | 2017-09-28
CVE-2017-14849 [HIGH] CWE-22: Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.
nvd
CVE-2015-2927 | MEDIUM | CVSS 6.5 | v0.3.2 | 2017-09-20
CVE-2015-2927 [MEDIUM] CWE-399: node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption).
nvd
CVE-2017-11499 | HIGH | CVSS 7.5 | v4.0.0; v4.1.0; +98 more | 2017-07-25
CVE-2017-11499 [HIGH] CWE-20: Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized
nvd
CVE-2017-1000381 | HIGH | CVSS 7.5 | ≥ 4.0.0, ≤ 4.1.2; ≥ 4.2.0, < 4.8.4; +5 more | 2017-07-07
CVE-2017-1000381 [HIGH] CWE-200: The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way.
nvd