Showing 1 - 7 of 7

CVE-2020-8252

Status Candidate

Overview

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

Related Files

Red Hat Security Advisory 2021-0548-01: Posted Feb 16, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0548-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.; tags | advisory, web, denial of service, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287; SHA-256 | 320aab402ef7196c5381a1e9675462d0a99fe6bc160bc505ac3775abdb558fc8; Download | Favorite | View

Red Hat Security Advisory 2021-0521-01: Posted Feb 16, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0521-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, denial of service, and use-after-free vulnerabilities.; tags | advisory, web, denial of service, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-15095, CVE-2020-15366, CVE-2020-7608, CVE-2020-7754, CVE-2020-7774, CVE-2020-7788, CVE-2020-8116, CVE-2020-8252, CVE-2020-8265, CVE-2020-8287; SHA-256 | 8874e7408dd53c374668285d5a6736222671e5c705f397d142acf86d17cd1f95; Download | Favorite | View

Red Hat Security Advisory 2020-5086-01: Posted Nov 11, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5086-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.; tags | advisory, web, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-15095, CVE-2020-8116, CVE-2020-8201, CVE-2020-8252; SHA-256 | 51a4d744605ca328594e02d8bd9ebbb530a2ad8fdd07fc010928825fae10d7db; Download | Favorite | View

Red Hat Security Advisory 2020-4903-01: Posted Nov 4, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4903-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.; tags | advisory, web, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-15095, CVE-2020-8116, CVE-2020-8201, CVE-2020-8252; SHA-256 | 9ebe1640d78c667bbe70be2fb71ccc9b031f971b05ec00cfee26c6ef375b1b0f; Download | Favorite | View

Red Hat Security Advisory 2020-4272-01: Posted Oct 19, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4272-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and buffer overflow vulnerabilities.; tags | advisory, web, overflow, javascript, vulnerability; systems | linux, redhat; advisories | CVE-2020-15095, CVE-2020-8116, CVE-2020-8201, CVE-2020-8252; SHA-256 | 29719787a1b0926acad2bfb7e01e582e869c669f6241cc4be24b52b7015b5789; Download | Favorite | View

Gentoo Linux Security Advisory 202009-15: Posted Sep 29, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202009-15 - A buffer overflow in libuv might allow remote attacker(s) to execute arbitrary code. Versions less than 1.39.0 are affected.; tags | advisory, remote, overflow, arbitrary; systems | linux, gentoo; advisories | CVE-2020-8252; SHA-256 | 5d24f84c7a8f8f467c0da7efcd97c914d39ed462331f94a15fddb75a1171c3a8; Download | Favorite | View

Ubuntu Security Notice USN-4548-1: Posted Sep 28, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4548-1 - It was discovered that libuv incorrectly handled certain paths. An attacker could possibly use this issue to cause a crash or execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2020-8252; SHA-256 | d01405ec577f0b65154300bc1671139dba5d4bdca797c3c731f81314edda4412; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 169 files
Ubuntu 62 files
indoushka 49 files
Debian 23 files
CraCkEr 19 files
Google Security Research 14 files
Gentoo 11 files
Apple 9 files
Jann Horn 4 files
EgiX 4 files

File Archives

Systems

AIX (426)
Apple (1,945)
BSD (370)
CentOS (55)
Cisco (1,917)
Debian (6,662)
Fedora (1,690)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (337)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (44,599)
Mac OS X (684)
Mandriva (3,105)
NetBSD (255)
OpenBSD (479)
RedHat (12,638)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,262)
UNIX (9,182)
UnixWare (185)
Windows (6,518)
Other

CVE-2020-8252

Overview

Related Files

File Archive:

January 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems