Lucene search
Redhat.comRH:CVE-2018-7160HistoryMar 30, 2020 - 8:22 a.m.
CVE-2018-7160
2020-03-3008:22:03
redhat.com
access.redhat.com
12
0.033 Low
EPSS
Percentile
91.3%
It was found that when a Node.js script is run in inspector mode, Node.js did not properly validate the Host header, leaving the inspector vulnerable to a DNS rebind attack and bypass same-origin policy. If a developer had an inspector session running, and was visiting a malicious website, the site could carry on a DNS rebind attack, allowing the site to have full access to the debugged script.
Related
nessus
nessus
F5 Networks BIG-IP : NodeJS vulnerability (K63025104)
2019-12-31 00:00:00
Fedora 33 : 1:nodejs (2021-a760169c3c)
2021-03-12 00:00:00
Ubuntu 18.04 ESM / 20.04 LTS : Node.js vulnerabilities (USN-6418-1)
2023-10-05 00:00:00
prion
prion
Remote code execution
2018-05-17 14:29:00
Code injection
2021-03-03 18:15:00
debiancve
debiancve
CVE-2018-7160
2018-05-17 14:29:00
CVE-2021-22884
2021-03-03 18:15:14
f5
f5
K63025104 : NodeJS vulnerability CVE-2018-7160
2019-11-25 00:00:00
ubuntucve
ubuntucve
CVE-2018-7160
2018-05-17 00:00:00
CVE-2021-22884
2021-03-03 00:00:00
osv
osv
Node.js Inspector RCE via DNS Rebinding
2022-05-13 01:08:23
CVE-2018-7160
2018-05-17 14:29:00
BIT-node-2021-22884
2024-03-06 11:07:03
openvas
openvas
Node.js DNS Rebinding Vulnerability - Windows
2018-07-09 00:00:00
Node.js DNS Rebinding Vulnerability - Mac OS X
2018-07-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1183-1)
2021-06-09 00:00:00
nvd
nvd
CVE-2018-7160
2018-05-17 14:29:00
CVE-2021-22884
2021-03-03 18:15:14
veracode
veracode
DNS Rebinding
2018-05-09 08:26:57
cvelist
cvelist
CVE-2018-7160
2018-03-21 00:00:00
CVE-2021-22884
2021-03-03 17:37:46
cve
cve
CVE-2018-7160
2018-05-17 14:29:00
CVE-2021-22884
2021-03-03 18:15:14
github
github
Withdrawn Advisory: Node.js Inspector RCE via DNS Rebinding
2022-05-13 01:08:23
alpinelinux
alpinelinux
CVE-2018-7160
2018-05-17 14:29:00
CVE-2021-22884
2021-03-03 18:15:14
hackerone
hackerone
redhatcve
redhatcve
CVE-2021-22884
2021-02-23 20:03:29
fedora
fedora
[SECURITY] Fedora 26 Update: nodejs-6.14.0-1.fc26
2018-04-06 14:38:24
[SECURITY] Fedora 27 Update: libuv-1.19.2-1.fc27
2018-04-03 14:52:54
[SECURITY] Fedora 27 Update: nodejs-8.11.0-1.fc27
2018-04-03 14:52:54
ibm
ibm
Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private and IBM Cloud Private Cloud Foundry (CVE-2018-7158, CVE-2018-7159, CVE-2018-7160)
2018-09-14 21:30:01
freebsd
freebsd
node.js -- multiple vulnerabilities
2018-03-21 00:00:00
Node.js -- February 2021 Security Releases
2021-02-23 00:00:00
nodejsblog
nodejsblog
March 2018 Security Releases
2018-03-21 00:00:00
February 2021 Security Releases
2021-02-23 00:00:00
September 23rd 2022 Security Releases
2022-09-15 00:00:00
redhat
redhat
(RHSA-2018:2949) Important: rh-nodejs8-nodejs security update
2018-10-18 09:47:33
ubuntu
ubuntu
Node.js vulnerabilities
2021-03-15 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2019-09-15 16:24:16
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00