Nodejs Node vulnerabilities

CVE-2021-22931 [CRITICAL] CWE-170 CVE-2021-22931: Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library.

CVE-2021-22940 [HIGH] CWE-416 CVE-2021-22940: Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attack Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.

CVE-2021-22939 [MEDIUM] CWE-295 CVE-2021-22939: If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthori If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.

CVE-2021-22921 [HIGH] CWE-732 CVE-2021-22921: Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks unde Node.js before 16.4.1, 14.17.2, and 12.22.2 is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking.

CVE-2021-22918 [MEDIUM] CWE-125 CVE-2021-22918: Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be

CVE-2021-22884 [HIGH] CWE-350 CVE-2021-22884: Node Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “lo

CVE-2021-22883 [HIGH] CWE-400 CVE-2021-22883: Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack wh Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also

CVE-2020-8265 [HIGH] CWE-416 CVE-2020-8265: Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to th

CVE-2020-8287 [MEDIUM] CWE-444 CVE-2020-8287: Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an H Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.

CVE-2020-8277 [HIGH] CWE-400 CVE-2020-8277: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice co A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.

CVE-2020-8251 [HIGH] CWE-400 CVE-2020-8251: Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests su Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.

CVE-2020-8252 [HIGH] CWE-120 CVE-2020-8252: The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incor The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

CVE-2020-8201 [HIGH] CWE-444 CVE-2020-8201: Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attacks depending on the architecture of the underlying system. The attack was possible due t

CVE-2019-15605 [CRITICAL] CWE-444 CVE-2019-15605: HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-enc HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed

CVE-2019-15606 [CRITICAL] CWE-20 CVE-2019-15606: Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of autho Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons

CVE-2019-15604 [HIGH] CWE-295 CVE-2019-15604: Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVE-2018-7160 [HIGH] CWE-350 CVE-2018-7160: The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be explo The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebin