Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nodejs node.js 4.2.1 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-8027
Node.js 0.12.x prior to 0.12.9, 4.x prior to 4.2.3, and 5.x prior to 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote malicious users to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
Nodejs Node.js 0.12.4
Nodejs Node.js 0.12.7
Nodejs Node.js 0.12.1
Nodejs Node.js 0.12.2
Nodejs Node.js 4.2.1
Nodejs Node.js 0.12.5
Nodejs Node.js 0.12.8
Nodejs Node.js 5.1.0
Nodejs Node.js 0.12.6
Nodejs Node.js 0.12.3
Nodejs Node.js 4.2.2
Nodejs Node.js 5.0.0
Nodejs Node.js 0.12.0
Nodejs Node.js 4.2.0
2 Articles
7.5
CVSSv3
CVE-2016-2086
Node.js 0.10.x prior to 0.10.42, 0.12.x prior to 0.12.10, 4.x prior to 4.3.0, and 5.x prior to 5.6.0 allow remote malicious users to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Nodejs Node.js 0.10.9
Nodejs Node.js 0.10.11
Nodejs Node.js 4.0.0
Nodejs Node.js 0.10.21
Nodejs Node.js 0.10.4
Nodejs Node.js 0.12.4
Nodejs Node.js 0.10.41
Nodejs Node.js 0.10.20
Nodejs Node.js 0.10.18
Nodejs Node.js 0.10.39
Nodejs Node.js 0.10.29
Nodejs Node.js 5.2.0
Nodejs Node.js 0.10.31
Nodejs Node.js 0.10.2
Nodejs Node.js 5.5.0
Nodejs Node.js 0.10.30
Nodejs Node.js 0.12.7
Nodejs Node.js 0.10.25
Nodejs Node.js 0.10.14
Nodejs Node.js 4.1.1
Nodejs Node.js 4.2.3
Nodejs Node.js 5.4.0
1 Article
7.5
CVSSv3
CVE-2016-3956
The CLI in npm prior to 2.15.1 and 3.x prior to 3.8.3, as used in Node.js 0.10 prior to 0.10.44, 0.12 prior to 0.12.13, 4 prior to 4.4.2, and 5 prior to 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by rea...
Ibm Sdk
Nodejs Node.js 0.10.9
Nodejs Node.js 4.3.0
Nodejs Node.js 0.10.11
Nodejs Node.js 4.0.0
Nodejs Node.js 0.10.21
Nodejs Node.js 0.10.4
Nodejs Node.js 4.3.2
Nodejs Node.js 0.12.4
Nodejs Node.js 0.10.41
Nodejs Node.js 0.10.20
Nodejs Node.js 0.10.18
Nodejs Node.js 0.10.39
Nodejs Node.js 0.10.29
Nodejs Node.js 5.2.0
Nodejs Node.js 0.10.31
Nodejs Node.js 4.3.1
Nodejs Node.js 0.10.2
Nodejs Node.js 5.5.0
Nodejs Node.js 5.9.0
Nodejs Node.js 0.10.30
Nodejs Node.js 0.12.7
7.5
CVSSv3
CVE-2017-11499
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building ...
Nodejs Node.js 6.0.0
Nodejs Node.js 5.10.0
Nodejs Node.js 4.3.0
Nodejs Node.js 7.8.0
Nodejs Node.js 4.0.0
Nodejs Node.js 4.5.0
Nodejs Node.js 6.2.0
Nodejs Node.js 4.3.2
Nodejs Node.js 4.6.2
Nodejs Node.js 4.4.4
Nodejs Node.js 6.11.1
Nodejs Node.js 7.7.0
Nodejs Node.js 6.9.0
Nodejs Node.js 5.12.0
Nodejs Node.js 6.3.0
Nodejs Node.js 5.2.0
Nodejs Node.js 4.3.1
Nodejs Node.js 5.5.0
Nodejs Node.js 7.4.0
Nodejs Node.js 5.9.0
Nodejs Node.js 8.1.1
Nodejs Node.js 8.1.3
7.5
CVSSv3
CVE-2016-2216
The HTTP header parsing code in Node.js 0.10.x prior to 0.10.42, 0.11.6 up to and including 0.11.16, 0.12.x prior to 0.12.10, 4.x prior to 4.3.0, and 5.x prior to 5.6.0 allows remote malicious users to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unico...
Nodejs Node.js 0.10.9
Nodejs Node.js 0.10.11
Nodejs Node.js 4.0.0
Nodejs Node.js 0.10.21
Nodejs Node.js 0.10.4
Nodejs Node.js 0.12.4
Nodejs Node.js 0.10.41
Nodejs Node.js 0.10.20
Nodejs Node.js 0.10.18
Nodejs Node.js 0.10.39
Nodejs Node.js 0.11.7
Nodejs Node.js 0.10.29
Nodejs Node.js 5.2.0
Nodejs Node.js 0.10.31
Nodejs Node.js 0.10.2
Nodejs Node.js 5.5.0
Nodejs Node.js 0.10.30
Nodejs Node.js 0.12.7
Nodejs Node.js 0.11.6
Nodejs Node.js 0.11.14
Nodejs Node.js 0.10.25
Nodejs Node.js 0.10.14
26 Github repositories
1 Article
7.4
CVSSv3
CVE-2021-3450
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve paramet...
Openssl Openssl
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider Firmware -
Netapp Storagegrid Firmware -
Windriver Linux -
Windriver Linux 18.0
Windriver Linux 19.0
Windriver Linux 17.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Volumes Ontap Mediator -
Fedoraproject Fedora 34
Tenable Nessus Agent
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Oracle Jd Edwards World Security A9.4
Oracle Weblogic Server 12.2.1.4.0
1 Github repository
1 Article
5.9
CVSSv3
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started