Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nodejs node.js 4.2.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-8027
Node.js 0.12.x prior to 0.12.9, 4.x prior to 4.2.3, and 5.x prior to 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote malicious users to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
Nodejs Node.js 0.12.7
Nodejs Node.js 0.12.6
Nodejs Node.js 5.1.0
Nodejs Node.js 5.0.0
Nodejs Node.js 0.12.4
Nodejs Node.js 0.12.3
Nodejs Node.js 4.2.0
Nodejs Node.js 0.12.8
Nodejs Node.js 0.12.1
Nodejs Node.js 0.12.5
Nodejs Node.js 4.2.2
Nodejs Node.js 4.2.1
Nodejs Node.js 0.12.2
Nodejs Node.js 0.12.0
2 Articles
7.5
CVSSv3
CVE-2016-2086
Node.js 0.10.x prior to 0.10.42, 0.12.x prior to 0.12.10, 4.x prior to 4.3.0, and 5.x prior to 5.6.0 allow remote malicious users to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
Nodejs Node.js 5.2.0
Nodejs Node.js 5.1.1
Nodejs Node.js 4.2.1
Nodejs Node.js 4.2.0
Nodejs Node.js 0.12.7
Nodejs Node.js 0.12.6
Nodejs Node.js 0.10.9
Nodejs Node.js 0.10.8
Nodejs Node.js 0.10.38
Nodejs Node.js 0.10.37
Nodejs Node.js 0.10.30
Nodejs Node.js 0.10.3
Nodejs Node.js 0.10.23
Nodejs Node.js 0.10.22
Nodejs Node.js 0.10.16
Nodejs Node.js 0.10.15
Nodejs Node.js 0.10.0
Nodejs Node.js 5.4.0
Nodejs Node.js 5.3.0
Nodejs Node.js 4.2.4
Nodejs Node.js 5.1.0
Nodejs Node.js 5.0.0
1 Article
7.5
CVSSv3
CVE-2017-11499
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building ...
Nodejs Node.js 8.0.0
Nodejs Node.js 7.0.0
Nodejs Node.js 7.4.0
Nodejs Node.js 7.5.0
Nodejs Node.js 7.9.0
Nodejs Node.js 6.0.0
Nodejs Node.js 6.11.1
Nodejs Node.js 6.2.0
Nodejs Node.js 6.6.0
Nodejs Node.js 6.7.0
Nodejs Node.js 6.9.5
Nodejs Node.js 5.0.0
Nodejs Node.js 5.12.0
Nodejs Node.js 5.2.0
Nodejs Node.js 5.7.1
Nodejs Node.js 5.8.0
Nodejs Node.js 4.2.1
Nodejs Node.js 4.2.2
Nodejs Node.js 4.3.2
Nodejs Node.js 4.4.0
Nodejs Node.js 4.4.7
Nodejs Node.js 4.5.0
7.5
CVSSv3
CVE-2016-3956
The CLI in npm prior to 2.15.1 and 3.x prior to 3.8.3, as used in Node.js 0.10 prior to 0.10.44, 0.12 prior to 0.12.13, 4 prior to 4.4.2, and 5 prior to 5.10.0, includes bearer tokens with arbitrary requests, which allows remote HTTP servers to obtain sensitive information by rea...
Ibm Sdk
Nodejs Node.js 5.6.0
Nodejs Node.js 4.4.0
Nodejs Node.js 4.3.2
Nodejs Node.js 4.3.1
Nodejs Node.js 5.2.0
Nodejs Node.js 5.1.0
Nodejs Node.js 4.2.1
Nodejs Node.js 4.1.2
Nodejs Node.js 0.12.8
Nodejs Node.js 0.12.6
Nodejs Node.js 0.10.9
Nodejs Node.js 0.10.7
Nodejs Node.js 0.10.38
Nodejs Node.js 0.10.36
Nodejs Node.js 0.10.31
Nodejs Node.js 0.10.3
Nodejs Node.js 0.10.23
Nodejs Node.js 0.10.21
Nodejs Node.js 0.10.16
Nodejs Node.js 0.10.14
Nodejs Node.js 0.10.1
7.5
CVSSv3
CVE-2016-2216
The HTTP header parsing code in Node.js 0.10.x prior to 0.10.42, 0.11.6 up to and including 0.11.16, 0.12.x prior to 0.12.10, 4.x prior to 4.3.0, and 5.x prior to 5.6.0 allows remote malicious users to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unico...
Nodejs Node.js 5.3.0
Nodejs Node.js 5.2.0
Nodejs Node.js 4.2.2
Nodejs Node.js 4.2.1
Nodejs Node.js 0.12.8
Nodejs Node.js 0.12.7
Nodejs Node.js 0.12.0
Nodejs Node.js 0.11.16
Nodejs Node.js 0.11.15
Nodejs Node.js 0.11.8
Nodejs Node.js 0.11.7
Nodejs Node.js 0.10.41
Nodejs Node.js 0.10.40
Nodejs Node.js 0.10.33
Nodejs Node.js 0.10.32
Nodejs Node.js 5.1.1
Nodejs Node.js 5.1.0
Nodejs Node.js 5.0.0
Nodejs Node.js 4.2.0
Nodejs Node.js 4.1.2
Nodejs Node.js 0.12.6
Nodejs Node.js 0.12.5
26 Github repositories
1 Article
NA
CVE-2014-7192
Eval injection vulnerability in index.js in the syntax-error package prior to 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote malicious users to execute arbitrary code via a crafted file.
Joyent Node.js
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started