exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2022-32212

Status Candidate

Overview

A OS Command Injection vulnerability exists in Node.js versions <14.20.0, <16.20.0, <18.5.0 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.

Related Files

Ubuntu Security Notice USN-6491-1
Posted Nov 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6491-1 - Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-32212, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256, CVE-2022-43548
SHA-256 | 8ddf8df4e907b7feb37bcc05076feb91fbe7775e008bc78c2060fe24dcb8e07e
Debian Security Advisory 5326-1
Posted Jan 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5326-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-43548
SHA-256 | 72e5be8502372f25a305cf0e5e848f49100f6c4c07231ed340c9052cb558a635
Red Hat Security Advisory 2022-6985-01
Posted Oct 18, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6985-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-33987
SHA-256 | bb0d8cfbbf56243c0b6735ea2efe318b9aa3d56e905539f815f4073229329cb2
Red Hat Security Advisory 2022-6595-01
Posted Sep 21, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6595-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-33502, CVE-2021-3807, CVE-2022-29244, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-33987
SHA-256 | a6961a3c20a833fe5635cad7db7c48ff9a47c9caef6c3b83e0adc20879e8427d
Red Hat Security Advisory 2022-6448-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6448-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-33987
SHA-256 | 77059a5029e5fa0f7d043f17c6d1f94d86241739d27ad64bf098f71c62c37a97
Red Hat Security Advisory 2022-6449-01
Posted Sep 13, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6449-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-3807, CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-33987
SHA-256 | cb5e66f8d412a46f5aff9c83c590b5c65a0a1bb01a1496c984882a20d23a1261
Red Hat Security Advisory 2022-6389-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6389-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a HTTP request smuggling vulnerability.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-33987
SHA-256 | 49695c2ea32250dc6f60d34ea01d791f6c7a8d449b5c3c62b72f902aedb970b1
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close