nodejs
239 tracked vulnerabilities.
CVE-2019-15604
HIGH
Node.js 10.0.0-10.18.9, 13.0.0-13.7.9 - Denial of Service via Crafted X.509 Certificate
Feb 07, 2020
CVSS 7.5
EPSS 0.20
CVE-2019-9518
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.25
CVE-2019-9517
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.27
CVE-2019-9516
MEDIUM
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak
Aug 13, 2019
CVSS 6.5
EPSS 0.56
CVE-2019-9515
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.88
CVE-2019-9514
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9513
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.82
CVE-2019-9512
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9511
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.58
CVE-2019-5739
HIGH
Node.js < 6.16.0 - Denial of Service via Keep-Alive Timeout
Mar 28, 2019
CVSS 7.5
EPSS 0.05
CVE-2019-5737
HIGH
Node.js 6.x < 6.17.0, 8.x < 8.15.1, 10.x < 10.15.2, 11.x < 11.10.1 - Denial of Service via Slow HTTP Headers
Mar 28, 2019
CVSS 7.5
EPSS 0.16
CVE-2019-1559
MEDIUM
OpenSSL 1.0.2-1.0.2q - Padding Oracle via SSL_shutdown Double Call
Feb 27, 2019
CVSS 5.9
EPSS 0.17
CVE-2018-21270
MEDIUM
Node.js stringstream < 0.0.6 - Out-of-bounds Read via Uninitialized Buffer Allocation
Dec 03, 2020
CVSS 6.5
EPSS 0.04
CVE-2018-12123
MEDIUM
Node.js <6.15.0, 8.14.0, 10.14.0, 11.3.0 - Info Disclosure
Nov 28, 2018
CVSS 4.3
EPSS 0.04
CVE-2018-12122
HIGH
Node.js <6.15.0, 8.14.0, 10.14.0, 11.3.0 - DoS
Nov 28, 2018
CVSS 7.5
EPSS 0.41
CVE-2018-12121
HIGH
Node.js <6.15.0,8.14.0,10.14.0,11.3.0 - DoS
Nov 28, 2018
CVSS 7.5
EPSS 0.10
CVE-2018-12120
HIGH
Node.js 6.0.0-6.14.9 - Remote Code Execution via Debugger Port
Nov 28, 2018
CVSS 8.1
EPSS 0.04
CVE-2018-12116
HIGH
Node.js < 6.8.1 and 6.9.0-6.15.0 - HTTP Request Splitting via Path Option
Nov 28, 2018
CVSS 7.5
EPSS 0.05
CVE-2018-5407
MEDIUM
Ubuntu Linux - Exposure of Sensitive Information via SMT Port Contention Timing Attack
Nov 15, 2018
CVSS 4.7
EPSS 0.03
CVE-2018-0734
MEDIUM
OpenSSL 1.0.2-1.0.2p 1.1.0-1.1.0i 1.1.1 - Timing Side Channel Attack via DSA Signature Algorithm
Oct 30, 2018
CVSS 5.9
EPSS 0.12
CVE-2018-0735
MEDIUM
OpenSSL 1.1.0-1.1.0i and 1.1.1 - Timing Side Channel Attack in ECDSA Signature Algorithm
Oct 29, 2018
CVSS 5.9
EPSS 0.05
CVE-2018-7166
HIGH
Node.js 10 <10.9.0 - Buffer Overflow
Aug 21, 2018
CVSS 7.5
EPSS 0.03
CVE-2018-12115
HIGH
Node.js <6.14.4,8.11.4,10.9.0 - Memory Corruption
Aug 21, 2018
CVSS 7.5
EPSS 0.08
CVE-2018-7167
HIGH
Node.js 6.9.0-6.14.2 and 9.0.0-9.11.1 - Denial of Service via Buffer.fill() or Buffer.alloc()
Jun 13, 2018
CVSS 7.5
EPSS 0.07
CVE-2018-7164
HIGH
Node.js 9.7.0-9.11.2 - Denial of Service via net.Socket Stream Memory Consumption
Jun 13, 2018
CVSS 7.5
EPSS 0.06
Products
Quick Filters