• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-400

CVE-2020-28496

February 26, 2023 by

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require(‘three’) function build_blank (n) { var ret = “rgb(” for (var i = 0; i < n; i++) { ret += " " } return ret + ""; } var Color = three.Color var time = Date.now(); new Color(build_blank(50000)) var time_cost = Date.now() – time; console.log(time_cost+" ms")

CVE-2020-28469

February 26, 2023 by

This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.

CVE-2020-27827

February 26, 2023 by

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

CVE-2020-27782

February 26, 2023 by

A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1.

CVE-2020-27813

February 26, 2023 by

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.

CVE-2020-27722

February 26, 2023 by

In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 46
  • Go to page 47
  • Go to page 48
  • Go to page 49
  • Go to page 50
  • Interim pages omitted …
  • Go to page 153
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE