| Max CVSS | 7.8 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-7167 | 5.0 |
Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero
|
29-08-2022 - 20:24 | 13-06-2018 - 16:29 | |
| CVE-2018-7164 | 5.0 |
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker c
|
29-08-2022 - 20:21 | 13-06-2018 - 16:29 | |
| CVE-2018-1000168 | 5.0 |
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network
|
16-08-2022 - 13:01 | 08-05-2018 - 15:29 | |
| CVE-2018-7161 | 7.8 |
All versions of Node.js 8.x, 9.x, and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 se
|
16-08-2022 - 13:00 | 13-06-2018 - 16:29 | |
| CVE-2018-7162 | 7.8 |
All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending
|
16-08-2022 - 13:00 | 13-06-2018 - 16:29 |