Search CVE reports
1 – 10 of 202 results
[TLS PSK/ALPN Callback Exceptions Bypass Error Handlers, Causing DoS and FD Leak]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS)]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Uncatchable "Maximum call stack size exceeded" error on Node.js via async_hooks leads to process crashes bypassing error handlers]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Node.js HTTP/2 server crashes with unhandled error when receiving malformed HEADERS frame]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Memory leak that enables remote Denial of Service against applications processing TLS client certificates]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[fs.futimes() Bypasses Read-Only Permission Model]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Timeout-based race conditions make Uint8Array/Buffer.alloc non-zerofilled]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
[Bypass File System Permissions using crafted symlinks]
1 affected package
nodejs
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| nodejs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 4 of 7
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | Not affected | Not affected | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Vulnerable | Not affected | Needs evaluation |
| edk2 | Not affected | Not affected | Not affected | Not affected |
Some fixes available 2 of 5
Issue summary: A timing side-channel which could potentially allow remote recovery of the private key exists in the SM2 algorithm implementation on 64 bit ARM platforms. Impact summary: A timing side-channel in SM2 signature...
4 affected packages
openssl, openssl1.0, nodejs, edk2
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| openssl | Not affected | Not affected | Not affected | Not affected |
| openssl1.0 | Not in release | Not in release | — | Not affected |
| nodejs | Not affected | Vulnerable | Not affected | Needs evaluation |
| edk2 | Not affected | Not affected | Not affected | Not affected |