Lucene search
Veracode Vulnerability DatabaseVERACODE:25877HistoryJul 14, 2020 - 2:40 a.m.
Remote Code Execution
2020-07-1402:40:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
0.022 Low
EPSS
Percentile
89.6%
nodejs is vulnerable to remote code execution. Memory corruption in napi_get_value_string_* functions allows an attacker to execute arbitrary code on the system remotely by writing instructions to heap memory or by corrupting the stack.
References
access.redhat.com/errata/RHSA-2020:2895
access.redhat.com/security/updates/classification/#important
hackerone.com/reports/784186
security.gentoo.org/glsa/202101-07
security.netapp.com/advisory/ntap-20201023-0003/
www.oracle.com//security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpuoct2020.html
Related
redhatcve
redhatcve
CVE-2020-8174
2020-06-08 19:24:42
prion
prion
Memory corruption
2020-07-24 22:15:00
osv
osv
CVE-2020-8174
2020-07-24 22:15:12
BIT-node-2020-8174
2024-03-06 11:08:19
nodejs - security update
2020-06-06 00:00:00
cvelist
cvelist
CVE-2020-8174
2020-07-24 21:45:37
nvd
nvd
CVE-2020-8174
2020-07-24 22:15:12
nessus
nessus
Photon OS 1.0: Nodejs PHSA-2020-1.0-0312
2020-08-11 00:00:00
Photon OS 1.0: Nodejs10 PHSA-2020-1.0-0312
2020-08-11 00:00:00
Photon OS 2.0: Nodejs PHSA-2020-2.0-0269
2020-08-11 00:00:00
hackerone
hackerone
Node.js: napi_get_value_string_X allow various kinds of memory corruption
2020-01-27 16:49:36
cbl_mariner
cbl_mariner
CVE-2020-8174 affecting package nodejs 8.11.4-7
2021-08-11 06:39:34
ubuntucve
ubuntucve
CVE-2020-8174
2020-07-24 00:00:00
f5
f5
K19380843 : Node.js vulnerability CVE-2020-8174
2020-08-06 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-1.0-0312
2020-08-01 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0269
2020-08-02 00:00:00
Important Photon OS Security Update - PHSA-2020-0269
2020-08-02 00:00:00
alpinelinux
alpinelinux
CVE-2020-8174
2020-07-24 22:15:12
debiancve
debiancve
CVE-2020-8174
2020-07-24 22:15:12
cve
cve
CVE-2020-8174
2020-07-24 22:15:12
openvas
openvas
Debian: Security Advisory (DSA-4696-1)
2020-06-07 00:00:00
debian
debian
[SECURITY] [DSA 4696-1] nodejs security update
2020-06-06 11:06:13
ibm
ibm
redhat
redhat
(RHSA-2020:2849) Important: nodejs:10 security update
2020-07-07 08:51:32
(RHSA-2020:2848) Important: nodejs:10 security update
2020-07-07 08:51:24
(RHSA-2020:3042) Important: nodejs:10 security update
2020-07-21 14:15:40
suse
suse
Security update for nodejs8 (critical)
2020-06-13 00:00:00
almalinux
almalinux
Important: nodejs:10 security update
2020-07-07 08:51:24
Important: nodejs:12 security update
2020-07-07 08:52:35
altlinux
altlinux
Security fix for the ALT Linux 9 package node version 14.4.0-alt1
2020-06-19 00:00:00
Security fix for the ALT Linux 10 package node version 14.4.0-alt1
2020-06-19 00:00:00
rocky
rocky
nodejs:10 security update
2020-07-07 08:51:24
nodejs:12 security update
2020-07-07 08:52:35
ics
ics
Hitachi Energy e-mesh EMS
2022-03-31 12:00:00
Hitachi Energy Gateway Station (GWS) Product
2022-08-30 12:00:00
Hitachi Energy FACTS Control Platform (FCP) Product
2022-08-30 12:00:00
freebsd
freebsd
Node.js -- June 2020 Security Releases
2020-06-02 00:00:00
oraclelinux
oraclelinux
nodejs:10 security update
2020-07-14 00:00:00
nodejs:12 security update
2020-07-14 00:00:00
nodejsblog
nodejsblog
June 2020 Security Releases
2020-06-02 00:00:00
ubuntu
ubuntu
Node.js vulnerabilities
2023-09-19 00:00:00
gentoo
gentoo
NodeJS: Multiple vulnerabilities
2021-01-11 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2020-09-27 23:06:37
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00