Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox and ESR
June 3, 2020Rewterz Threat Alert – Large Scale Attack Campaign Targets WordPress Database Credentials
June 4, 2020Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox and ESR
June 3, 2020Rewterz Threat Alert – Large Scale Attack Campaign Targets WordPress Database Credentials
June 4, 2020Severity
High
Analysis Summary
Node.js is vulnerable to a buffer overflow, caused by multiple memory corruptions in the napi_get_value_string_latin1(), napi_get_value_string_utf8(), or napi_get_value_string_utf16() functions. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
Impact
Denial of service
Affected Vendors
NodeJs
Affected Products
- Node.js Node.js 10
- Node.js Node.js 12
- Node.js Node.js 14.0
Remediation
Upgrade to the latest version of Node.js (14.4.0 or later).