vulnerability

Oracle Solaris 11: CVE-2020-8174 (11.4 SRU 26.75.4)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jul 24, 2020	Jan 19, 2021	Feb 17, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jul 24, 2020

Added

Jan 19, 2021

Modified

Feb 17, 2022

Description

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.

Solutions

oracle-solaris-11-4-upgrade-runtime-nodejs-12-18-3-11-4-26-0-1-75-3oracle-solaris-11-4-upgrade-runtime-nodejs-nodejs-10-10-22-0-11-4-26-0-1-75-3oracle-solaris-11-4-upgrade-runtime-nodejs-nodejs-12-12-18-3-11-4-26-0-1-75-3

References

CVE-2020-8174
https://attackerkb.com/topics/CVE-2020-8174
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today