CVE-2020-8172

Published: Jun 8, 2020
Updated: Apr 14, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8172" target="_blank" rel="noopener"> CVE-2020-8172
Severity: High
Exploit:

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
nodejs / node.js	12.0.0	12.18.0
nodejs / node.js	14.0.0	14.4.0
oracle / graalvm	19.3.2	19.3.2.x
oracle / graalvm	20.1.0	20.1.0.x
oracle / banking_extensibility_workbench	14.4.0	14.4.0.x
oracle / banking_extensibility_workbench	14.3.0	14.3.0.x
oracle / mysql_cluster	8.0.0	8.0.21.x
oracle / mysql_cluster	7.6.0	7.6.15.x
oracle / mysql_cluster	7.5.0	7.5.19.x
oracle / mysql_cluster	7.4.0	7.4.29.x
oracle / mysql_cluster	-	7.3.30.x
oracle / blockchain_platform	-	21.1.2