Node.js - HackerOne Reports
View on HackerOne113
Total Reports
8
Critical
37
High
44
Medium
15
Low
HTTP Request Smuggling due to ignoring chunk extensions
Reported by:
mkg
|
Disclosed:
Medium
Weakness: HTTP Request Smuggling
Bounty: $250.00
Denial of Service by resource exhaustion in fetch() brotli decoding
Reported by:
maple3142
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Proxy-Authorization header not cleared on cross-origin redirect in undici.request
Reported by:
iylz
|
Disclosed:
Low
Weakness: Insufficiently Protected Credentials
http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks
Reported by:
bart
|
Disclosed:
High
Weakness: Uncontrolled Resource Consumption
Integrity checks according to policies can be circumvented
Reported by:
tniessen
|
Disclosed:
Medium
Weakness: Insufficient Verification of Data Authenticity
Take over subdomain undici.nodejs.org.cdn.cloudflare.net
Reported by:
algisec1337
|
Disclosed:
Medium
Weakness: Array Index Underflow
Node.js HTTP/2 Large Settings Frame DoS
Reported by:
galgo
|
Disclosed:
Low
Weakness: Uncontrolled Resource Consumption
Node.js: TLS session reuse can lead to hostname verification bypass
Reported by:
fwilhelm
|
Disclosed:
High
Weakness: Man-in-the-Middle
Denial of Service: nghttp2 use of uninitialized pointer
Reported by:
jasnell
|
Disclosed:
Critical
Weakness: NULL Pointer Dereference
Out of order TLS handshake / application data messages lead to segmentation fault
Reported by:
jzebor
|
Disclosed:
High
Weakness: Heap Overflow
HTTP/2 Denial of Service Vulnerability
Reported by:
jzebor
|
Disclosed:
High
Weakness: Memory Corruption - Generic
Corrupted pointer in node::fs::ReadFileUtf8(const FunctionCallbackInfo<Value>& args) when args[0] is a string.
Reported by:
justinnietzel
|
Disclosed:
Low
Weakness: Memory Corruption - Generic
HTTP Request Smuggling Due To Improper Delimiting of Header Fields
Reported by:
zeyu2001
|
Disclosed:
Medium
Weakness: HTTP Request Smuggling
HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding
Reported by:
zeyu2001
|
Disclosed:
Medium
Weakness: HTTP Request Smuggling
`fs.realpath.native` on darwin may cause buffer overflow
Reported by:
ashi009
|
Disclosed:
Medium
Weakness: Classic Buffer Overflow
Permission model improperly processes UNC paths
Reported by:
tniessen
|
Disclosed:
Low
Weakness: Privilege Escalation
Off-by-slash vulnerability in nodejs.org and iojs.org
Reported by:
nagaro
|
Disclosed:
Medium
Weakness: Path Traversal
Node Installer Local Privilege Escalation
Reported by:
deepsurface-robert
|
Disclosed:
Medium
Weakness: Privilege Escalation
CVEs:
CVE-2021-22117
GOAWAY HTTP/2 frames cause memory leak outside heap
Reported by:
newtmitch
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
HTTP header values do not have trailing OWS trimmed
Reported by:
alyssawilk
|
Disclosed:
High
Weakness: Improper Input Validation