Max CVSS 7.5 Min CVSS 4.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-8201 5.8
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
24-05-2022 - 17:24 18-09-2020 - 21:15
CVE-2020-8252 4.6
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
24-05-2022 - 17:16 18-09-2020 - 21:15
CVE-2020-8251 5.0
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
24-05-2022 - 16:54 18-09-2020 - 21:15
CVE-2020-8252 7.5
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
30-09-2020 - 20:15 18-09-2020 - 21:15
CVE-2020-8251 5.0
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
29-09-2020 - 18:31 18-09-2020 - 21:15
CVE-2020-8201 6.4
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
29-09-2020 - 18:28 18-09-2020 - 21:15
Back to Top Mark selected
Back to Top