GCVE - cpe:2.3:a:n/a:https://github.com/nodejs/node:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:https://github.com/nodejs/node:*:*:*:*:*:*:*:*

part: a version: //github.com/nodejs/node update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Https (`b65e66a1-fb16-5533-954b-05eeb21e718a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-8174`	vulnerable	2026-06-08 05:27:15.073173	Details available napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. Published: 2020-07-24T21:45:37.000Z Updated: 2024-08-04T09:56:26.828Z Open on db.gcve.eu Reference links https://hackerone.com/reports/784186 https://www.oracle.com/security-alerts/cpuoct2020.html https://security.gentoo.org/glsa/202101-07 https://www.oracle.com/security-alerts/cpujan2021.html https://security.netapp.com/advisory/ntap-20201023-0003/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-8172`	vulnerable	2026-06-08 05:27:15.065750	Details available TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. Published: 2020-06-08T13:08:16.000Z Updated: 2024-08-04T09:56:26.895Z Open on db.gcve.eu Reference links https://www.oracle.com/security-alerts/cpujul2020.html https://hackerone.com/reports/811502 https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/ https://security.netapp.com/advisory/ntap-20200625-0002/ https://www.oracle.com/security-alerts/cpuoct2020.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.