cve-2017-11499
Vulnerability from cvelistv5
Published
2017-07-25 13:00
Modified
2024-08-05 18:12
Severity ?
Summary
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.
References
cve@mitre.orghttp://www.securityfocus.com/bid/99959Third Party Advisory, VDB Entry
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:2908
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2017:3002
cve@mitre.orghttps://nodejs.org/en/blog/vulnerability/july-2017-security-releases/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/99959Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2908
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:3002
af854a3a-2127-422b-91ae-364da2661108https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/Patch, Vendor Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:12:40.348Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "99959",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99959",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/",
               },
               {
                  name: "RHSA-2017:3002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3002",
               },
               {
                  name: "RHSA-2017:2908",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2908",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-25T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-12-06T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "99959",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99959",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/",
            },
            {
               name: "RHSA-2017:3002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3002",
            },
            {
               name: "RHSA-2017:2908",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2908",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-11499",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "99959",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99959",
                  },
                  {
                     name: "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/",
                     refsource: "CONFIRM",
                     url: "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/",
                  },
                  {
                     name: "RHSA-2017:3002",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3002",
                  },
                  {
                     name: "RHSA-2017:2908",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2908",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-11499",
      datePublished: "2017-07-25T13:00:00",
      dateReserved: "2017-07-20T00:00:00",
      dateUpdated: "2024-08-05T18:12:40.348Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0390D600-532D-4675-95BB-10EC4E06F3E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35AAF7CD-9AE6-4A4B-858E-4B17031BD058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DCB6010-AC31-4B61-9DA6-E119ADC5D70B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5364365-36F1-49C0-BF8D-2D5054BC7B1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0740684D-989A-4957-8AC1-AAB01A04E393\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08C97202-6AEC-4B8D-B3F6-49F6AEF9CFD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EFA073A-9AC2-4162-9DDA-B6CD0AE53D3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F8FD4B3-D515-486A-94A3-29CBDA2E25CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55E18631-9502-42CC-A85A-EA5742FDC317\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CCBC213-1524-4C88-9EB3-52E003070A3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C928FB55-2F33-4458-8484-4010AE8883A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CEEFA5F-2B32-4CA0-84AD-E0ECA0F81078\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4754B0A8-A7D7-41A1-BFE5-10D84E7CEC1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D132104E-163C-47EE-B247-578D64AC88D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E208FB1-A772-4002-BD56-3360BDDFEF37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14BE6C0B-E6EC-4CD2-912B-45DE9F94BA59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"714EBE27-F0D0-4B2E-90E1-4C73DF7FAA81\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BE8859F-1EBE-4B9A-A5ED-7FA63D68C947\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1249AA75-5676-4AFC-99B4-A59DC9BE1F33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E875B302-1923-40AF-B956-A063714BBA9B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10940F9C-6671-4C0D-89F9-6111A44FA74D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.4.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F031F09-0AF1-4825-8C8C-AC5A65119E92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"413C8F30-5B76-49D6-95C2-E62FC34911EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CA03990-23A0-4D9E-A46C-39E4C214CDA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89B156BD-1465-4758-A767-5D1377FD9B1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7AF4AFE-14E3-4264-84BB-45B9CDB6D363\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39233953-4ADE-49D7-95E8-0199008375E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"002CF669-688A-40D3-9576-17ABFB17DE4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3D6AF6A-5B1A-46DE-B03D-DDEB69B86F8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F29C7E8C-8C0B-4B44-A178-5C31D9B1F3A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB5573D5-6792-472E-943C-582C104A9266\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AC50639-CD44-408B-98C2-20A6D71C454B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85C38CBB-154F-4842-B783-86DE1700A59C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4A52ABF-EAB6-4B14-8DF2-49E0D93F0737\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64F7E56E-CA65-47C3-9ADA-F13A834D3961\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"183A5888-01C5-4977-9C66-1467FFA6D457\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F811E8BB-F1C8-43BE-BEAD-FC4FE122ABEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEDE8D29-7C15-44D1-8D5C-0E438D9DE029\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DCA3C10-FB37-4256-812A-EB8A3A095E6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54197CC5-9C7D-4DCE-A60F-625DE246E5A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6173A6E4-F472-46CF-9762-6F3CAAFD9C3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4C25A52-E3C0-4429-AB96-1E33523E51D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"590070D6-198A-456E-A55D-D0B06DD3FF8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46FCC5E2-1106-4153-B8C6-5E9594735529\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56778D45-8B99-406D-BE97-034D3A29F32E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0C7E2F2-8C41-4F3B-848A-144DCA30FC69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11778EAE-5DCD-4D4E-807B-FD3C0DC47BE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C203335-0CB9-4B38-80C1-344607FFAE29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D70C084-6B75-401B-9F52-B3E2B5060FEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85D0381B-EECC-49E9-A43E-9877226FAFF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C5C5E18-2613-4851-953F-6773886A908F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2478B4BA-703D-45BD-9B59-713AEDEDB14F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:5.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8AB33415-8446-43C6-9D1B-DF0D6BF8D0EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A53CB0E-3FBA-4796-BC81-6003A7DC29DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4F3F415-CD69-4E19-A4F9-3673D2907932\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"758E9981-966B-4BB5-8982-183683C76228\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD05686C-E548-43CB-81C1-5AE3E3E5ECBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D1FAA74-207E-4E37-90F7-75202ED64E37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F747352F-DFE4-45C3-9806-CBDC1E4A64E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E144BC9-0D69-4C9B-9AF0-D7730F1719EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82EA5976-2268-4FF3-BE6A-5680D45073E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E85F98DB-A43D-47C0-B271-0E25DCF0EA65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"94E82A49-5897-43D4-8EF7-F743B8B909E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"083FA7D0-5707-4B87-955A-5C75E416715A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06A96BD0-0922-4E96-BE72-0FB39D6C139F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58A8B882-F8A2-4D11-B9C9-F02227661BA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02AA2065-D99B-4805-BD30-63CC42B07264\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"612507E3-84F7-4343-8F8F-156BF96B1535\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A053FD13-3912-45D3-BBFF-A29415675B4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5406D0BF-7AA8-49A1-A712-A78D0E5A4AB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F53DBB-AE67-47DF-81AF-3E697D099EB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.9.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E72FD09-9C0F-4685-83CE-A60823208169\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B889EF50-8C17-48B1-8D79-BFBB69E0E808\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A16A6C5-170F-48D2-A9B4-F64CCC436E5F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96903DD4-70B8-4F30-AE8D-B5BF4235EC93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F99F1B8C-B2A2-46F0-A46B-543876382BD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D4E9F52-DAAA-4E7E-B37A-A8612DDF6717\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33314D49-3EDD-458F-9DC6-71AC0C1BF2D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B6335D5-4A9B-425E-BEE2-F79BE4B07F6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC03B878-CC9F-4E5B-98FF-89302D1A14C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85A26147-1A40-40BA-A31A-1D3E3C12B25A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADF5735F-9BDC-4F99-8E5F-EE2BA0946B1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"726FC696-439B-49FD-AD83-E8E0808A877E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6876765D-5936-49D2-ACCC-DFBAD2ADC7AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"531E6D2A-80F5-4E61-9F94-20C52EF51C33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89DB06D6-94B8-47B4-A63B-678866B6CF91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"127BC110-BCB3-4EF5-918B-487AA953DAD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD59683C-71B8-40B1-8F63-6C615D1F24C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46ABF6BA-B4EE-4E43-9D53-A088ED8B5C66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70CF83FA-1E27-462D-9669-BCF4EA2B112C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BCAB616B-F595-4B96-960F-F0693BFE5AAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF65EA06-835C-4CC6-92D4-B457C4EADD43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53E256FD-DC14-4507-9070-32940032FE7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A7C28EC-2D0F-4146-A495-44B5C63571C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:7.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B0ABD2F-2130-40BD-B008-095AB6A93BBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"710CFCCF-7086-472E-90A9-ACE36A8F8AF1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E35B2D35-798E-4186-8C17-4AC717777668\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC765BA6-CDB8-4C3B-9D23-64996F38027A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B35BB2AB-7E3E-450D-A135-A0A8020F0BBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A710334-6ADA-4BF3-A4A8-F1EF1CC07674\"}]}]}]",
         descriptions: "[{\"lang\": \"en\", \"value\": \"Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.\"}, {\"lang\": \"es\", \"value\": \"Node.js versi\\u00f3n v4.0 hasta v4.8.3, todas las versiones de v5.x, versi\\u00f3n v6.0 hasta v6.11.0, versi\\u00f3n v7.0 hasta v7.10.0, y versi\\u00f3n v8.0 hasta v8.1.3, fue susceptible a ataques DoS remotos de inundaci\\u00f3n de hash ya que el seed HashTable fue constante en una versi\\u00f3n dada de Node.js. Esto fue el resultado de la compilaci\\u00f3n con instant\\u00e1neas V8 habilitadas por defecto, lo que caus\\u00f3 que el seed aleatorizado inicialmente se sobrescribiera en el arranque.\"}]",
         id: "CVE-2017-11499",
         lastModified: "2024-11-21T03:07:53.610",
         metrics: "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
         published: "2017-07-25T13:29:00.177",
         references: "[{\"url\": \"http://www.securityfocus.com/bid/99959\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2908\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3002\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99959\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2908\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3002\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
         sourceIdentifier: "cve@mitre.org",
         vulnStatus: "Modified",
         weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2017-11499\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-07-25T13:29:00.177\",\"lastModified\":\"2024-11-21T03:07:53.610\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup.\"},{\"lang\":\"es\",\"value\":\"Node.js versión v4.0 hasta v4.8.3, todas las versiones de v5.x, versión v6.0 hasta v6.11.0, versión v7.0 hasta v7.10.0, y versión v8.0 hasta v8.1.3, fue susceptible a ataques DoS remotos de inundación de hash ya que el seed HashTable fue constante en una versión dada de Node.js. Esto fue el resultado de la compilación con instantáneas V8 habilitadas por defecto, lo que causó que el seed aleatorizado inicialmente se sobrescribiera en el arranque.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0390D600-532D-4675-95BB-10EC4E06F3E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AAF7CD-9AE6-4A4B-858E-4B17031BD058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DCB6010-AC31-4B61-9DA6-E119ADC5D70B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5364365-36F1-49C0-BF8D-2D5054BC7B1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0740684D-989A-4957-8AC1-AAB01A04E393\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08C97202-6AEC-4B8D-B3F6-49F6AEF9CFD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EFA073A-9AC2-4162-9DDA-B6CD0AE53D3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F8FD4B3-D515-486A-94A3-29CBDA2E25CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E18631-9502-42CC-A85A-EA5742FDC317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCBC213-1524-4C88-9EB3-52E003070A3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C928FB55-2F33-4458-8484-4010AE8883A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CEEFA5F-2B32-4CA0-84AD-E0ECA0F81078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4754B0A8-A7D7-41A1-BFE5-10D84E7CEC1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D132104E-163C-47EE-B247-578D64AC88D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E208FB1-A772-4002-BD56-3360BDDFEF37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14BE6C0B-E6EC-4CD2-912B-45DE9F94BA59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"714EBE27-F0D0-4B2E-90E1-4C73DF7FAA81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BE8859F-1EBE-4B9A-A5ED-7FA63D68C947\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1249AA75-5676-4AFC-99B4-A59DC9BE1F33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E875B302-1923-40AF-B956-A063714BBA9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10940F9C-6671-4C0D-89F9-6111A44FA74D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F031F09-0AF1-4825-8C8C-AC5A65119E92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"413C8F30-5B76-49D6-95C2-E62FC34911EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CA03990-23A0-4D9E-A46C-39E4C214CDA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89B156BD-1465-4758-A767-5D1377FD9B1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7AF4AFE-14E3-4264-84BB-45B9CDB6D363\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39233953-4ADE-49D7-95E8-0199008375E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"002CF669-688A-40D3-9576-17ABFB17DE4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3D6AF6A-5B1A-46DE-B03D-DDEB69B86F8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F29C7E8C-8C0B-4B44-A178-5C31D9B1F3A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5573D5-6792-472E-943C-582C104A9266\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AC50639-CD44-408B-98C2-20A6D71C454B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85C38CBB-154F-4842-B783-86DE1700A59C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4A52ABF-EAB6-4B14-8DF2-49E0D93F0737\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64F7E56E-CA65-47C3-9ADA-F13A834D3961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"183A5888-01C5-4977-9C66-1467FFA6D457\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F811E8BB-F1C8-43BE-BEAD-FC4FE122ABEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEDE8D29-7C15-44D1-8D5C-0E438D9DE029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DCA3C10-FB37-4256-812A-EB8A3A095E6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54197CC5-9C7D-4DCE-A60F-625DE246E5A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6173A6E4-F472-46CF-9762-6F3CAAFD9C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4C25A52-E3C0-4429-AB96-1E33523E51D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"590070D6-198A-456E-A55D-D0B06DD3FF8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46FCC5E2-1106-4153-B8C6-5E9594735529\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56778D45-8B99-406D-BE97-034D3A29F32E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0C7E2F2-8C41-4F3B-848A-144DCA30FC69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11778EAE-5DCD-4D4E-807B-FD3C0DC47BE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C203335-0CB9-4B38-80C1-344607FFAE29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D70C084-6B75-401B-9F52-B3E2B5060FEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85D0381B-EECC-49E9-A43E-9877226FAFF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C5C5E18-2613-4851-953F-6773886A908F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2478B4BA-703D-45BD-9B59-713AEDEDB14F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:5.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AB33415-8446-43C6-9D1B-DF0D6BF8D0EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A53CB0E-3FBA-4796-BC81-6003A7DC29DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4F3F415-CD69-4E19-A4F9-3673D2907932\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"758E9981-966B-4BB5-8982-183683C76228\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD05686C-E548-43CB-81C1-5AE3E3E5ECBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D1FAA74-207E-4E37-90F7-75202ED64E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F747352F-DFE4-45C3-9806-CBDC1E4A64E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E144BC9-0D69-4C9B-9AF0-D7730F1719EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EA5976-2268-4FF3-BE6A-5680D45073E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E85F98DB-A43D-47C0-B271-0E25DCF0EA65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94E82A49-5897-43D4-8EF7-F743B8B909E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"083FA7D0-5707-4B87-955A-5C75E416715A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A96BD0-0922-4E96-BE72-0FB39D6C139F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A8B882-F8A2-4D11-B9C9-F02227661BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02AA2065-D99B-4805-BD30-63CC42B07264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"612507E3-84F7-4343-8F8F-156BF96B1535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A053FD13-3912-45D3-BBFF-A29415675B4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5406D0BF-7AA8-49A1-A712-A78D0E5A4AB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F53DBB-AE67-47DF-81AF-3E697D099EB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E72FD09-9C0F-4685-83CE-A60823208169\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B889EF50-8C17-48B1-8D79-BFBB69E0E808\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A16A6C5-170F-48D2-A9B4-F64CCC436E5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96903DD4-70B8-4F30-AE8D-B5BF4235EC93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99F1B8C-B2A2-46F0-A46B-543876382BD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D4E9F52-DAAA-4E7E-B37A-A8612DDF6717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33314D49-3EDD-458F-9DC6-71AC0C1BF2D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B6335D5-4A9B-425E-BEE2-F79BE4B07F6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC03B878-CC9F-4E5B-98FF-89302D1A14C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85A26147-1A40-40BA-A31A-1D3E3C12B25A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADF5735F-9BDC-4F99-8E5F-EE2BA0946B1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"726FC696-439B-49FD-AD83-E8E0808A877E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6876765D-5936-49D2-ACCC-DFBAD2ADC7AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"531E6D2A-80F5-4E61-9F94-20C52EF51C33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89DB06D6-94B8-47B4-A63B-678866B6CF91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"127BC110-BCB3-4EF5-918B-487AA953DAD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD59683C-71B8-40B1-8F63-6C615D1F24C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46ABF6BA-B4EE-4E43-9D53-A088ED8B5C66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70CF83FA-1E27-462D-9669-BCF4EA2B112C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAB616B-F595-4B96-960F-F0693BFE5AAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF65EA06-835C-4CC6-92D4-B457C4EADD43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53E256FD-DC14-4507-9070-32940032FE7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A7C28EC-2D0F-4146-A495-44B5C63571C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:7.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B0ABD2F-2130-40BD-B008-095AB6A93BBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"710CFCCF-7086-472E-90A9-ACE36A8F8AF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E35B2D35-798E-4186-8C17-4AC717777668\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC765BA6-CDB8-4C3B-9D23-64996F38027A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35BB2AB-7E3E-450D-A135-A0A8020F0BBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A710334-6ADA-4BF3-A4A8-F1EF1CC07674\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99959\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2908\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3002\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99959\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2908\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.