14.4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-24	CVE-2020-8174	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. network high complexity nodejs oracle netapp CWE-191	8.1
2020-06-08	CVE-2020-8172	Improper Certificate Validation vulnerability in multiple products TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. network high complexity nodejs oracle CWE-295	7.4
2020-06-03	CVE-2020-11080	In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. network low complexity nghttp2 debian opensuse fedoraproject oracle nodejs	7.5
2020-03-12	CVE-2020-10531	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190	8.8
2019-07-26	CVE-2019-10744	Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. network low complexity lodash netapp redhat oracle f5 critical	9.1