TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
References
Link | Resource |
---|---|
https://hackerone.com/reports/811502 | Exploit Third Party Advisory |
https://nodejs.org/en/blog/vulnerability/june-2020-security-releases/ | Vendor Advisory |
https://security.gentoo.org/glsa/202101-07 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20200625-0002/ | Third Party Advisory |
https://www.oracle.com//security-alerts/cpujul2021.html | Not Applicable Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujan2021.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2020.html | Patch Third Party Advisory |
https://www.oracle.com/security-alerts/cpuoct2020.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2020-06-08T13:08:16
Updated: 2022-04-19T23:23:19
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8172
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-08T14:15:13.213
Modified: 2022-05-12T15:01:02.140
Link: CVE-2020-8172
JSON object: View
Redhat Information
No data.
CWE