CVE-2020-8252
CVSS v3.1
7.8 (High)
CVSS v2.0
4.6 (Medium)
EPSS
0.05 % (20th)
Affected Products
3
Advisories
19
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Weaknesses
- CWE-120
- Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
- CVE Status
- PUBLISHED
- CNA
- HackerOne
- Published Date
-
2020-09-18 21:15:13
(4 years ago) - Updated Date
-
2023-11-07 03:26:19
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...