Search for packages
| purl | pkg:alpm/archlinux/nodejs@15.5.0-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-d15h-ng65-aaab
Aliases: CVE-2020-8287 |
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling. |
Affected by 0 other vulnerabilities. |
|
VCID-nx9u-49dk-aaag
Aliases: CVE-2020-1971 VC-OPENSSL-20201208-CVE-2020-1971 |
There are no reported fixed by versions. | |
|
VCID-r6v6-e21j-aaag
Aliases: CVE-2020-8265 |
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:46.699550+00:00 | Arch Linux Importer | Affected by | VCID-nx9u-49dk-aaag | https://security.archlinux.org/AVG-1404 | 36.0.0 |
| 2025-03-28T07:45:46.681177+00:00 | Arch Linux Importer | Affected by | VCID-r6v6-e21j-aaag | https://security.archlinux.org/AVG-1400 | 36.0.0 |
| 2025-03-28T07:45:46.660751+00:00 | Arch Linux Importer | Affected by | VCID-d15h-ng65-aaab | https://security.archlinux.org/AVG-1400 | 36.0.0 |
| 2024-10-20T01:39:38.600004+00:00 | Arch Linux Importer | Affected by | VCID-r6v6-e21j-aaag | https://security.archlinux.org/AVG-1400 | 34.0.2 |
| 2024-10-20T01:39:38.576670+00:00 | Arch Linux Importer | Affected by | VCID-d15h-ng65-aaab | https://security.archlinux.org/AVG-1400 | 34.0.2 |
| 2024-09-18T02:00:47.870878+00:00 | Arch Linux Importer | Affected by | VCID-nx9u-49dk-aaag | https://security.archlinux.org/AVG-1404 | 34.0.1 |
| 2024-09-18T02:00:47.846194+00:00 | Arch Linux Importer | Affected by | VCID-r6v6-e21j-aaag | https://security.archlinux.org/AVG-1400 | 34.0.1 |
| 2024-09-18T02:00:47.817859+00:00 | Arch Linux Importer | Affected by | VCID-d15h-ng65-aaab | https://security.archlinux.org/AVG-1400 | 34.0.1 |
| 2024-05-04T17:12:01.406908+00:00 | Arch Linux Importer | Affected by | VCID-r6v6-e21j-aaag | https://security.archlinux.org/AVG-1400 | 34.0.0rc4 |
| 2024-05-04T17:12:01.384756+00:00 | Arch Linux Importer | Affected by | VCID-d15h-ng65-aaab | https://security.archlinux.org/AVG-1400 | 34.0.0rc4 |
| 2024-01-03T22:27:05.723255+00:00 | Arch Linux Importer | Affected by | VCID-nx9u-49dk-aaag | https://security.archlinux.org/AVG-1404 | 34.0.0rc1 |
| 2024-01-03T22:27:05.704270+00:00 | Arch Linux Importer | Affected by | VCID-r6v6-e21j-aaag | https://security.archlinux.org/AVG-1400 | 34.0.0rc1 |
| 2024-01-03T22:27:05.682582+00:00 | Arch Linux Importer | Affected by | VCID-d15h-ng65-aaab | https://security.archlinux.org/AVG-1400 | 34.0.0rc1 |