Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
07 Mar 2024, 21:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* |
16 Nov 2022, 03:02
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200221-0004/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0598 - Third Party Advisory | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4669 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0579 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0602 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0573 - Third Party Advisory | |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Patch, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202003-48 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2020:0597 - Third Party Advisory | |
CPE | cpe:2.3:a:oracle:graalvm:20.0.0:*:*:*:enterprise:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.4.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:* cpe:2.3:a:oracle:graalvm:19.3.1:*:*:*:enterprise:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:* |
|
First Time |
Oracle communications Cloud Native Core Network Function Cloud Native Environment
Redhat Oracle graalvm Redhat software Collections Redhat enterprise Linux Eus Redhat enterprise Linux Server Aus Debian debian Linux Opensuse leap Debian Oracle Redhat enterprise Linux Server Tus Redhat enterprise Linux Opensuse |
Information
Published : 2020-02-07 15:15
Updated : 2024-03-07 21:24
NVD link : CVE-2019-15604
Mitre link : CVE-2019-15604
CVE.ORG link : CVE-2019-15604
JSON object : View
Products Affected
redhat
- software_collections
- enterprise_linux_server_tus
- enterprise_linux_server_aus
- enterprise_linux
- enterprise_linux_eus
oracle
- graalvm
- communications_cloud_native_core_network_function_cloud_native_environment
opensuse
- leap
nodejs
- node.js
debian
- debian_linux
CWE
CWE-295
Improper Certificate Validation