Unrated severityNVD Advisory· Published Nov 19, 2020· Updated Apr 30, 2025
CVE-2020-8277
CVE-2020-8277
Description
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WH7W46OZSEUHWBHD7TCH3LRFY52V6Z/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEJBY3RJB3XWUOJFGZM5E3EMQ7MFM3UT/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EEIV4CH6KNVZK63Y6EKVN2XDW7IHSJBJ/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXLJY4764LYVJPC7NCDLE2UMQ3QC5OI2/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202012-11mitrevendor-advisoryx_refsource_GENTOO
- security.gentoo.org/glsa/202101-07mitrevendor-advisoryx_refsource_GENTOO
- hackerone.com/reports/1033107mitrex_refsource_MISC
- nodejs.org/en/blog/vulnerability/november-2020-security-releases/mitrex_refsource_CONFIRM
- www.oracle.com//security-alerts/cpujul2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpuApr2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpuapr2022.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpujan2021.htmlmitrex_refsource_MISC
- www.oracle.com/security-alerts/cpuoct2021.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.