CVE-2015-5380
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-5380
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and 2.x before 2.3.3, and other products, does not verify that there is memory available for a UTF-16 surrogate pair, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted byte sequence.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Joyent Node.js和io.js Google V8 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Google V8是其中的一套开源JavaScript引擎。Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。io.js是一套衍生自Node.js,并兼容npm(JavaScript的包管理器)的开发平台。 Joyent Node.js和io.js中使用的Google V8的unicode-decoder.cc文件中的‘Utf8DecoderBase:
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-5380
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-5380
请登录查看更多情报信息。
- http://blog.nodejs.org/2015/07/03/node-v0-12-6-stable/x_refsource_CONFIRM
- https://github.com/joyent/node/issues/25583x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2015-5380
Same Patch Batch · n/a · 2015-07-09 · 36 CVEs total
| CVE-2015-4428 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-3130 | 多款Adobe产品缓冲区溢出漏洞 | |
| CVE-2015-3131 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-3132 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-3133 | 多款Adobe产品缓冲区溢出漏洞 | |
| CVE-2015-3134 | 多款Adobe产品缓冲区溢出漏洞 | |
| CVE-2015-3135 | 多款Adobe产品基于栈的缓冲区溢出漏洞 | |
| CVE-2015-3136 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-3137 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-3129 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-4429 | 多款Adobe产品拒绝服务漏洞 | |
| CVE-2015-4430 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-4431 | 多款Adobe产品缓冲区溢出漏洞 | |
| CVE-2015-4432 | 多款Adobe产品基于堆的缓冲区溢出漏洞 | |
| CVE-2015-4433 | 多款Adobe产品任意代码执行漏洞 | |
| CVE-2015-5116 | 多款Adobe产品安全漏洞 | |
| CVE-2015-5117 | 多款Adobe产品释放后重用漏洞 | |
| CVE-2015-5118 | 多款Adobe产品基于堆的缓冲区溢出漏洞 | |
| CVE-2015-3121 | 多款Adobe产品任意代码执行漏洞 | |
| CVE-2014-0578 | 多款Adobe产品安全漏洞 |
Showing top 20 of 36 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2015-5380
No comments yet