Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2014-9748

The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.

  • Published: Feb 11, 2020
  • Updated: Nov 8, 2023
  • CVE: CVE-2014-9748
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
libuv / libuv - 1.7.4
nodejs / node.js 0.12.0 0.12.15
nodejs / node.js 0.10.0 0.10.46