← back
CVE-2020-8174

CVE-2020-8174

EPSS 7.6%CWE-119
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 7.6%KEV nãoPoC Patch referenciado
Lifecycle
24 Jul 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
Affected products
n/a · https://github.com/nodejs/node

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://hackerone.com/reports/784186https://security.gentoo.org/glsa/202101-07https://security.netapp.com/advisory/ntap-20201023-0003/https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.html