| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-8859 | 5.0 |
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors.
|
12-09-2023 - 19:42 | 23-01-2017 - 21:59 | |
| CVE-2018-3728 | 6.5 |
hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via __proto
|
09-10-2019 - 23:40 | 30-03-2018 - 19:29 | |
| CVE-2018-7651 | 4.3 |
index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.
|
27-03-2018 - 14:46 | 04-03-2018 - 01:29 |