exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2021-44532

Status Candidate

Overview

Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option.

Related Files

Red Hat Security Advisory 2023-1742-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1742-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-0235, CVE-2022-21824, CVE-2022-24999, CVE-2022-25881, CVE-2022-3517, CVE-2022-35256, CVE-2022-38900, CVE-2022-43548, CVE-2022-4904
SHA-256 | f28377e6e25b8387aa54cea292997b508ff485520e06f1243636f40bf125d07b
Red Hat Security Advisory 2022-9073-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9073-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-21824, CVE-2022-3517, CVE-2022-43548
SHA-256 | 58a475f3944861cebbf2d0ab6df5a1520a1b99b5680cbbaa3c7af98223362bdc
Red Hat Security Advisory 2022-7830-01
Posted Nov 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7830-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.

tags | advisory, web, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2022-21824, CVE-2022-35256
SHA-256 | 521e03457dbbddaa7a91532e37ddb7f212b176aabf6c09459f5e9f6fcf378b3f
Red Hat Security Advisory 2022-7044-01
Posted Oct 20, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7044-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.

tags | advisory, web, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-21824, CVE-2022-35256
SHA-256 | 7e022ca70787cce1eb3e02a0838ebec4d8b3c6738820e4c3f4bc45f39e0bef47
Debian Security Advisory 5170-1
Posted Jun 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5170-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, a bypass of certificate verification or prototype pollution.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2022-21824
SHA-256 | 02c22c0c690787980900a20bd2fbcd3897504bf8d273ec8ab1b192278ce7ab7b
Red Hat Security Advisory 2022-4914-01
Posted Jun 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4914-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and bypass vulnerabilities.

tags | advisory, web, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-22959, CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-3918, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-21824
SHA-256 | b43f0c89fd3414efa475d6ec07c2e68d3f66f12f846e7070d1966227905eca9d
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close