Max CVSS 9.3 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-8252 4.6
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
24-05-2022 - 17:16 18-09-2020 - 21:15
CVE-2020-8174 9.3
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
12-05-2022 - 15:01 24-07-2020 - 22:15
CVE-2020-8277 5.0
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number
10-05-2022 - 15:25 19-11-2020 - 01:15
CVE-2020-8252 7.5
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
30-09-2020 - 20:15 18-09-2020 - 21:15
Back to Top Mark selected
Back to Top