Lucene search
NodejsCVELIST:CVE-2018-12123HistoryNov 28, 2018 - 5:00 p.m.
CVE-2018-12123
2018-11-2817:00:00
CWE-115
nodejs
www.cve.org
6
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Hostname spoofing in URL parser for javascript protocol: If a Node.js application is using url.parse() to determine the URL hostname, that hostname can be spoofed by using a mixed case “javascript:” (e.g. “javAscript:”) protocol (other protocols are not affected). If security decisions are made about the URL based on the hostname, they may be incorrect.
CNA Affected
[
{
"product": "Node.js",
"vendor": "The Node.js Project",
"versions": [
{
"status": "affected",
"version": "All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0"
}
]
}
]Related
nessus
nessus
Photon OS 1.0: Nodejs PHSA-2020-1.0-0306
2020-07-14 00:00:00
Photon OS 2.0: Nodejs PHSA-2020-2.0-0210
2020-02-26 00:00:00
F5 Networks BIG-IP : Node.js vulnerabilities (K000137090)
2023-10-02 00:00:00
debiancve
debiancve
CVE-2018-12123
2018-11-28 17:29:00
huntr
huntr
hostname spoofing via javascript
2022-03-04 10:29:25
ubuntucve
ubuntucve
CVE-2018-12123
2018-11-28 00:00:00
prion
prion
Design/Logic Flaw
2018-11-28 17:29:00
cbl_mariner
cbl_mariner
CVE-2018-12123 affecting package nodejs 8.11.4-7
2021-08-11 06:39:34
redhatcve
redhatcve
CVE-2018-12123
2020-02-02 02:37:48
ibm
ibm
veracode
veracode
Hostname Spoofing
2018-11-30 05:49:00
nvd
nvd
CVE-2018-12123
2018-11-28 17:29:00
alpinelinux
alpinelinux
CVE-2018-12123
2018-11-28 17:29:00
osv
osv
CVE-2018-12123
2018-11-28 17:29:00
nodejs vulnerabilities
2021-03-15 21:18:37
cve
cve
CVE-2018-12123
2018-11-28 17:29:00
photon
photon
openvas
openvas
Node.js Multiple Vulnerabilities (Nov 2018) - Mac OS X
2018-11-29 00:00:00
Node.js Multiple Vulnerabilities (Nov 2018) - Windows
2018-11-29 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0118-1)
2021-06-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 10.14.1-alt1
2018-11-30 00:00:00
f5
f5
suse
suse
Security update for nodejs8 (important)
2019-01-28 00:00:00
Security update for nodejs6 (important)
2019-02-22 00:00:00
Security update for nodejs4 (important)
2019-01-25 00:00:00
redhat
redhat
(RHSA-2019:1821) Important: rh-nodejs8-nodejs security update
2019-07-22 13:09:06
(RHSA-2019:2939) Important: rh-nodejs10-nodejs security update
2019-09-30 23:10:11
nodejsblog
nodejsblog
November 2018 Security Releases
2018-11-28 00:00:00
freebsd
freebsd
node.js -- multiple vulnerabilities
2018-11-27 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2021-03-15 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2019-09-15 16:24:16
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00