| Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-0732 | 5.0 |
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime result
|
16-08-2022 - 13:00 | 12-06-2018 - 13:29 | |
| CVE-2018-7166 | 5.0 |
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause `Buffer.alloc()` to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying `e
|
22-09-2020 - 13:59 | 21-08-2018 - 12:29 | |
| CVE-2018-12115 | 5.0 |
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a
|
20-03-2020 - 21:15 | 21-08-2018 - 12:29 |