Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

jeudi 4 mars 2021

Node.js up to 10.23.x/12.20.x/14.15.x/15.9.x DNS Server /etc/hosts dns rebinding

A vulnerability was found in Node.js up to 10.23.x/12.20.x/14.15.x/15.9.x (JavaScript Library). It has been classified as critical. Affected is an unknown function of the file /etc/hosts of the component DNS Server Handler. Upgrading to version 10.24.0, 12.21.0, 14.16.0 or 15.10.0 eliminates this vulnerability. The upgrade is hosted for download at nodejs.org.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 39

x

Événements SSI