exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2021-22918

Status Candidate

Overview

Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().

Related Files

Gentoo Linux Security Advisory 202405-29
Posted May 9, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202405-29 - Multiple vulnerabilities have been discovered in Node.js. Versions greater than or equal to 16.20.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-7774, CVE-2021-22883, CVE-2021-22884, CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-22959, CVE-2021-22960, CVE-2021-3672, CVE-2021-37701, CVE-2021-37712, CVE-2021-39134
SHA-256 | 896f93d8be3fd63618f8c7828d363945d93c89399750559db27ad47c3598d38a
Gentoo Linux Security Advisory 202401-23
Posted Jan 16, 2024
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-23 - A buffer overread vulnerability has been found in libuv. Versions greater than or equal to 1.41.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2021-22918
SHA-256 | a1d98c5d3663ab5a3cd31b313c33b2ba88d065e8f085e2993c77fdeb8f968599
Red Hat Security Advisory 2021-3638-01
Posted Sep 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | 2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7
Red Hat Security Advisory 2021-3639-01
Posted Sep 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
SHA-256 | 9af482c5f609c49bcc196fd310a95efd28a894a47260f53bda01540c21a0be32
Red Hat Security Advisory 2021-3361-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3361-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include a memory exhaustion vulnerability.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2021-20271, CVE-2021-21419, CVE-2021-21623, CVE-2021-21639, CVE-2021-21640, CVE-2021-21648, CVE-2021-22543, CVE-2021-22555, CVE-2021-22918, CVE-2021-25735, CVE-2021-25737, CVE-2021-27218, CVE-2021-3114, CVE-2021-3121, CVE-2021-33195, CVE-2021-33196, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3520, CVE-2021-3537, CVE-2021-3541, CVE-2021-3609, CVE-2021-3636
SHA-256 | fa8792e889cba4980e5e69cc42c59e3108310c2072dfb34fffb0c3a8644d9099
Red Hat Security Advisory 2021-3073-01
Posted Aug 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3073-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290
SHA-256 | ebc649a9cfcfe5bc93320963ae93b3814e07e16d63af3b83e7b50da6be787f51
Red Hat Security Advisory 2021-3074-01
Posted Aug 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3074-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290
SHA-256 | 0a5836ffaa2dfddacea4f831b9e448e6454fe5c8a634c71acecc20ac15b00807
Red Hat Security Advisory 2021-3075-01
Posted Aug 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3075-01 - libuv is a multi-platform support library with a focus on asynchronous I/O. Issues addressed include information leakage and out of bounds read vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918
SHA-256 | 0f88d591d2ad9648c92a365e00b97d1142ab49aa88b12facaa913df1314f3c04
Debian Security Advisory 4936-1
Posted Jul 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4936-1 - An out-of-bounds read was discovered in the uv__idna_to_ascii() function of Libuv, an asynchronous event notification library, which could result in denial of service or information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2021-22918
SHA-256 | 0a7f33c31a07fc41d5f7ed52fc3b276e5d28bb695e3f697e1e2b15a2cf82bdc9
Red Hat Security Advisory 2021-2932-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2932-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290, CVE-2021-33502
SHA-256 | 7819eab95b801ee299b0c45f60fb153ccf55a8165bda9a4b92c9e354fa35c7d0
Red Hat Security Advisory 2021-2931-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2931-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, and out of bounds read vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22918, CVE-2021-23362, CVE-2021-27290, CVE-2021-33502
SHA-256 | e59ed91a5edb1ab96597451d6ad951184459cdd8057a7fea7fee363d15069354
Ubuntu Security Notice USN-5007-1
Posted Jul 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5007-1 - Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-22918
SHA-256 | 5e12f346ee2c6bc9b4c7c8192c2802a86aeb6368abc36fd8a3f7b2415d0042ba
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close