Vulnerabilities > Nodejs > Node JS > 0.11.5

DATE CVE VULNERABILITY TITLE RISK
2017-01-23 CVE-2013-7454 Cross-site Scripting vulnerability in Nodejs Node.Js
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
network
low complexity
nodejs CWE-79
6.1
6.1
2017-01-23 CVE-2013-7453 Cross-site Scripting vulnerability in Nodejs Node.Js
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.
network
low complexity
nodejs CWE-79
6.1
6.1
2017-01-23 CVE-2013-7452 Cross-site Scripting vulnerability in Nodejs Node.Js
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.
network
low complexity
nodejs CWE-79
6.1
6.1
2016-09-16 CVE-2016-6303 Out-of-bounds Write vulnerability in multiple products
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
network
low complexity
nodejs openssl CWE-787
critical
 9.8
9.8