| Max CVSS | 7.5 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-8201 | 5.8 |
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
|
24-05-2022 - 17:24 | 18-09-2020 - 21:15 | |
| CVE-2020-8252 | 4.6 |
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
|
24-05-2022 - 17:16 | 18-09-2020 - 21:15 | |
| CVE-2020-8251 | 5.0 |
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
|
24-05-2022 - 16:54 | 18-09-2020 - 21:15 | |
| CVE-2020-8252 | 7.5 |
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
|
30-09-2020 - 20:15 | 18-09-2020 - 21:15 | |
| CVE-2020-8251 | 5.0 |
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
|
29-09-2020 - 18:31 | 18-09-2020 - 21:15 | |
| CVE-2020-8201 | 6.4 |
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
|
29-09-2020 - 18:28 | 18-09-2020 - 21:15 |