Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libuv libuv vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24806
libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be ex...
Libuv Libuv
445
VMScore
CVE-2021-22918
Node.js prior to 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. ...
Nodejs Node.js
Siemens Sinec Infrastructure Network Services
409
VMScore
CVE-2020-8252
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
605
VMScore
CVE-2014-9748
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv prior to 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows malicious users to cause a denial of service (deadlock) or possibly have unspecified other impa...
Libuv Libuv
Nodejs Node.js
890
VMScore
CVE-2015-0278
libuv prior to 0.10.34 does not properly drop group privileges, which allows context-dependent malicious users to gain privileges via unspecified vectors.
Fedoraproject Fedora 21
Libuv Project Libuv
Nodejs Node.js
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started