Known Vulnerabilities for products from Joyent
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Joyent".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43395 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-12-26 | 2023-08-08 |
| CVE-2020-27678 | An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS... | 9.8 - CRITICAL | 2020-10-26 | 2020-10-27 |
| CVE-2020-7712 | This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. | 7.2 - HIGH | 2020-08-30 | 2023-11-07 |
| CVE-2018-12122 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can ... | 7.5 - HIGH | 2018-11-28 | 2022-09-06 |
| CVE-2018-12121 | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By usin... | 7.5 - HIGH | 2018-11-28 | 2022-09-06 |
| CVE-2018-12116 | Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsaniti... | 7.5 - HIGH | 2018-11-28 | 2022-08-29 |
| CVE-2018-3737 | sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. | 7.5 - HIGH | 2018-06-07 | 2023-01-30 |
| CVE-2018-1171 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7 - HIGH | 2018-03-19 | 2020-08-28 |
| CVE-2018-1166 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7.8 - HIGH | 2018-02-21 | 2019-10-09 |
| CVE-2018-1165 | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7 - HIGH | 2018-02-21 | 2020-09-09 |
| CVE-2017-16005 | Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs ... | 7.5 - HIGH | 2018-06-04 | 2019-10-09 |
| CVE-2017-10940 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center ... | 8.8 - HIGH | 2017-10-31 | 2019-10-09 |
| CVE-2016-9040 | An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability... | 5.5 - MEDIUM | 2018-09-07 | 2022-12-14 |
| CVE-2016-9039 | An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pr... | 5.5 - MEDIUM | 2017-01-31 | 2022-04-19 |
| CVE-2016-9035 | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9034 | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9033 | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9032 | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9031 | An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pres... | 7.8 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-8733 | An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pres... | 8.8 - HIGH | 2016-12-14 | 2022-12-13 |
Known software with vulnerabilities from Joyent
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Joyent | Http-signature | 0.9.0 |
| Application | Joyent | Json | - |
| Application | Joyent | Node.js | 0.6.1 |
| Operating System | Joyent | Smartos | 20120614 |
| Application | Joyent | Sshpk | 1.0.0 |
| Application | Joyent | Triton Datacenter | - |