CVE-2019-15604

Published: Feb 7, 2020
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-15604" target="_blank" rel="noopener"> CVE-2019-15604
Severity: High
Exploit:

Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
nodejs / node.js	13.0.0	13.8.0
nodejs / node.js	12.0.0	12.15.0
nodejs / node.js	10.0.0	10.19.0
debian / debian_linux	10.0	10.0.x
opensuse / leap	15.1	15.1.x
redhat / software_collections	1.0	1.0.x
redhat / enterprise_linux_eus	8.1	8.1.x
redhat / enterprise_linux_eus	8.2	8.2.x
redhat / enterprise_linux_server_tus	8.2	8.2.x
redhat / enterprise_linux_server_aus	8.2	8.2.x
redhat / enterprise_linux	8.0	8.0.x
redhat / enterprise_linux_server_tus	8.4	8.4.x
redhat / enterprise_linux_eus	8.4	8.4.x
redhat / enterprise_linux_server_aus	8.4	8.4.x
redhat / enterprise_linux_server_aus	8.6	8.6.x
redhat / enterprise_linux_server_tus	8.6	8.6.x
redhat / enterprise_linux_eus	8.6	8.6.x
oracle / graalvm	20.0.0	20.0.0.x
oracle / graalvm	19.3.1	19.3.1.x
oracle / communications_cloud_native_core_network_function_cloud_native_environment	1.4.0	1.4.0.x

Vulnerability Database