PT-2020-9728 · Node.Js+8 · Node.Js+8

Published

2020-02-07

·

Updated

2026-05-18

·

CVE-2019-15604

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Node.js versions 10 through 13
Description The issue is related to improper certificate validation, which can cause the process to abort when a crafted X.509 certificate is sent.
Recommendations For Node.js versions 10 through 13, update to a version that includes the fix for this issue to prevent the process from aborting when encountering a crafted X.509 certificate.

Exploit

Fix

Improper Certificate Validation

Weakness Enumeration

CWE-295

Related Identifiers

ALSA-2020:0579
ALSA-2020:0598
ALT-PU-2020-1195
ALT-PU-2020-2195
CESA-2020_0579
CESA-2020_0598
CLEANSTART-2026-BD71263
CLEANSTART-2026-IS74202
CLEANSTART-2026-JR35772
CLEANSTART-2026-JY06700
CLEANSTART-2026-KN34553
CLEANSTART-2026-KZ45320
CLEANSTART-2026-LJ44720
CLEANSTART-2026-LN12820
CLEANSTART-2026-TX00223
CLEANSTART-2026-WI75198
CVE-2019-15604
DSA-4669-1
MGASA-2020-0372
OPENSUSE-SU-2020:0293-1
OPENSUSE-SU-2020_0293-1
RHSA-2020:0573
RHSA-2020:0579
RHSA-2020:0597
RHSA-2020:0598
RHSA-2020:0602
RHSA-2020_0579
RHSA-2020_0598
RLSA-2020:0579
RLSA-2020:0598
SUSE-SU-2020:0427-1
SUSE-SU-2020:0429-1
SUSE-SU-2020:0454-1
SUSE-SU-2020:0455-1
SUSE-SU-2020:0488-1
SUSE-SU-2020_0427-1
SUSE-SU-2020_0429-1
SUSE-SU-2020_0454-1
SUSE-SU-2020_0455-1
SUSE-SU-2020_0488-1
USN-6380-1

Affected Products

Alt Linux
Almalinux
Centos
Linuxmint
Node.Js
Red Hat
Rocky Linux
Suse
Ubuntu