« List of all CVEs

CVE-2020-8172

Published: 6/8/2020 Last updated: 8/4/2024 Reserved: 1/28/2020

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.

CNA assigner: hackerone (36234546-b8fa-4601-9d6f-f4e334aa8ea1) Requested by: n/a

Opam packages affected (1)

conf-npm

Products affected (1)

Product Vendor Version
https://github.com/nodejs/node n/a 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier versions

References (18)