rpm package
suse/nodejs6&distro=SUSE OpenStack Cloud Crowbar 8
pkg:rpm/suse/nodejs6&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-7167 | — | < 6.14.3-11.15.1 | 6.14.3-11.15.1 | Jun 13, 2018 | Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in the | ||
| CVE-2018-0732 | — | < 6.14.4-11.18.1 | 6.14.4-11.18.1 | Jun 12, 2018 | During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client |
- CVE-2018-7167Jun 13, 2018affected < 6.14.3-11.15.1fixed 6.14.3-11.15.1
Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in the
- CVE-2018-0732Jun 12, 2018affected < 6.14.4-11.18.1fixed 6.14.4-11.18.1
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client
Page 2 of 2