Search CVE reports
171 – 176 of 176 results
CVE-2015-8027
Medium priorityNode.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service...
1 affected packages
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nodejs | — | — | — | Not affected | Not affected |
CVE-2015-6764
Low priorityThe BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause...
3 affected packages
libv8, libv8-3.14, nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libv8 | — | — | — | Not in release | Not in release |
libv8-3.14 | — | — | — | Ignored | Ignored |
nodejs | — | — | — | Not affected | Not affected |
CVE-2015-5380
Medium priorityThe Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a...
1 affected packages
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nodejs | — | — | — | Not affected | Not affected |
CVE-2014-0177
Unknown priorityThe am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
1 affected packages
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nodejs | — | — | — | Ignored | Ignored |
CVE-2013-4450
Medium priorityThe HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response.
1 affected packages
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nodejs | — | — | — | — | Not affected |
CVE-2012-2330
Medium priorityThe Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and...
1 affected packages
nodejs
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
nodejs | — | — | — | — | Not affected |