diff options
| -rw-r--r-- | security/vuxml/vuln.xml | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7809b449c3a4..79adb2e429b6 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,81 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="45b8e2eb-7056-11e8-8fab-63ca6e0e13a2"> + <topic>node.js -- multiple vulnerabilities</topic> + <affects> + <package> + <name>node6</name> + <range><lt>6.14.3</lt></range> + </package> + <package> + <name>node8</name> + <range><lt>8.11.3</lt></range> + </package> + <package> + <name>node</name> + <range><lt>10.4.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Node.js reports:</p> + <blockquote cite="https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"> + <h1>Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)</h1> + <p>All versions of 8.x and later are vulnerable and the severity is + HIGH. An attacker can cause a denial of service (DoS) by causing a + node server providing an http2 server to crash. This can be + accomplished by interacting with the http2 server in a manner that + triggers a cleanup bug where objects are used in native code after + they are no longer available. This has been addressed by updating + the http2 implementation. Thanks to Jordan Zebor at F5 Networks for + reporting this issue.</p> + <h1>Denial of Service, nghttp2 dependency (CVE-2018-1000168)</h1> + <p>All versions of 9.x and later are vulnerable and the severity is + HIGH. Under certain conditions, a malicious client can trigger an + uninitialized read (and a subsequent segfault) by sending a + malformed ALTSVC frame. This has been addressed through an by + updating nghttp2.</p> + <h1>Denial of Service Vulnerability in TLS (CVE-2018-7162)</h1> + <p>All versions of 9.x and later are vulnerable and the severity is + HIGH. An attacker can cause a denial of service (DoS) by causing a + node process which provides an http server supporting TLS server to + crash. This can be accomplished by sending duplicate/unexpected + messages during the handshake. This vulnerability has been addressed + by updating the TLS implementation. Thanks to Jordan Zebor at F5 + Networks all of his help investigating this issue with the Node.js + team.</p> + <h1>Memory exhaustion DoS on v9.x (CVE-2018-7164)</h1> + <p>Versions 9.7.0 and later are vulnerable and the severity is MEDIUM. + A bug introduced in 9.7.0 increases the memory consumed when reading + from the network into JavaScript using the net.Socket object + directly as a stream. An attacker could use this cause a denial of + service by sending tiny chunks of data in short succession. This + vulnerability was restored by reverting to the prior behaviour.</p> + <h1>Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)</h1> + <p>Calling Buffer.fill() or Buffer.alloc() with some parameters can + lead to a hang which could result in a Denial of Service. In order + to address this vulnerability, the implementations of Buffer.alloc() + and Buffer.fill() were updated so that they zero fill instead of + hanging in these cases.</p> + </blockquote> + </body> + </description> + <references> + <url>https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/</url> + <url>https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/</url> + <cvename>CVE-2018-7161</cvename> + <cvename>CVE-2018-7162</cvename> + <cvename>CVE-2018-7164</cvename> + <cvename>CVE-2018-7167</cvename> + <cvename>CVE-2018-1000168</cvename> + </references> + <dates> + <discovery>2018-06-12</discovery> + <entry>2018-06-15</entry> + </dates> + </vuln> + <vuln vid="53eb9e1e-7014-11e8-8b1f-3065ec8fd3ec"> <topic>password-store -- GPG parsing vulnerabilities</topic> <affects> |