exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2022-43548

Status Candidate

Overview

A OS Command Injection vulnerability exists in Node.js versions <14.21.1, <16.18.1, <18.12.1, <19.0.1 due to an insufficient IsAllowedHost check that can easily be bypassed because IsIPAddress does not properly check if an IP address is invalid before making DBS requests allowing rebinding attacks.The fix for this issue in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32212 was incomplete and this new CVE is to complete the fix.

Related Files

Ubuntu Security Notice USN-6491-1
Posted Nov 21, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6491-1 - Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-32212, CVE-2022-32214, CVE-2022-32215, CVE-2022-35256, CVE-2022-43548
SHA-256 | 8ddf8df4e907b7feb37bcc05076feb91fbe7775e008bc78c2060fe24dcb8e07e
Red Hat Security Advisory 2023-1742-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1742-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-0235, CVE-2022-21824, CVE-2022-24999, CVE-2022-25881, CVE-2022-3517, CVE-2022-35256, CVE-2022-38900, CVE-2022-43548, CVE-2022-4904
SHA-256 | f28377e6e25b8387aa54cea292997b508ff485520e06f1243636f40bf125d07b
Red Hat Security Advisory 2023-1533-01
Posted Apr 3, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1533-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.

tags | advisory, web, denial of service, overflow, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-44906, CVE-2022-24999, CVE-2022-25881, CVE-2022-3517, CVE-2022-35256, CVE-2022-38900, CVE-2022-43548, CVE-2022-4904, CVE-2023-23918, CVE-2023-23920
SHA-256 | 1d997c727b547d00a2b7b276e0830053a199463662b5eb3fddb9e968cdd8798e
Red Hat Security Advisory 2023-0612-01
Posted Feb 7, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0612-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-44906, CVE-2022-0235, CVE-2022-24999, CVE-2022-3517, CVE-2022-43548
SHA-256 | 196b41f4cb8202a5bba53e8e3a83c166222738610e775f61305c8797014467d7
Debian Security Advisory 5326-1
Posted Jan 25, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5326-1 - Multiple vulnerabilities were discovered in Node.js, which could result in HTTP request smuggling, bypass of host IP address validation and weak randomness setup.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2022-32212, CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2022-35255, CVE-2022-35256, CVE-2022-43548
SHA-256 | 72e5be8502372f25a305cf0e5e848f49100f6c4c07231ed340c9052cb558a635
Red Hat Security Advisory 2023-0321-01
Posted Jan 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0321-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-44906, CVE-2022-3517, CVE-2022-35256, CVE-2022-43548
SHA-256 | e0c653b344cad061ff2db4d48425d59d51ad956a499681962b6bdd29869c3026
Red Hat Security Advisory 2023-0050-01
Posted Jan 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0050-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2021-44906, CVE-2022-0235, CVE-2022-24999, CVE-2022-3517, CVE-2022-43548
SHA-256 | e708c38bc4b436ac8b0802b7f52b3094989a8a194c55f4ff13f1c929fc808c60
Red Hat Security Advisory 2022-9073-01
Posted Dec 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-9073-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2021-44531, CVE-2021-44532, CVE-2021-44533, CVE-2021-44906, CVE-2022-21824, CVE-2022-3517, CVE-2022-43548
SHA-256 | 58a475f3944861cebbf2d0ab6df5a1520a1b99b5680cbbaa3c7af98223362bdc
Red Hat Security Advisory 2022-8832-01
Posted Dec 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8832-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2022-3517, CVE-2022-43548
SHA-256 | 99898e5a24c6a706859217c62159cda53c2a077c0caf7753ee1e97e40c6ad0e1
Red Hat Security Advisory 2022-8833-01
Posted Dec 7, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8833-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2022-3517, CVE-2022-43548
SHA-256 | e9e729a24a297018e2baaa36c9d21c52f75aa1a00dfda56fe78c6e1ad638a1df
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close