Max CVSS | 9.3 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-11080 | 5.0 |
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings e
|
16-10-2023 - 18:15 | 03-06-2020 - 23:15 | |
CVE-2020-8172 | 5.8 |
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
|
12-05-2022 - 15:01 | 08-06-2020 - 14:15 | |
CVE-2020-8174 | 9.3 |
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
|
12-05-2022 - 15:01 | 24-07-2020 - 22:15 | |
CVE-2020-7598 | 6.8 |
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload.
|
22-04-2022 - 19:02 | 11-03-2020 - 23:15 |