Known Vulnerabilities for products from Joyent
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Joyent".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43395 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-12-26 | 2023-08-08 |
| CVE-2020-27678 json | An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS... | 9.8 - CRITICAL | 2020-10-26 | 2020-10-27 |
| CVE-2020-7712 json | This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. | 7.2 - HIGH | 2020-08-30 | 2023-11-07 |
| CVE-2018-12122 json | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can ... | 7.5 - HIGH | 2018-11-28 | 2022-09-06 |
| CVE-2018-12121 json | Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By usin... | 7.5 - HIGH | 2018-11-28 | 2022-09-06 |
| CVE-2018-12116 json | Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsaniti... | 7.5 - HIGH | 2018-11-28 | 2022-08-29 |
| CVE-2018-3737 json | sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. | 7.5 - HIGH | 2018-06-07 | 2023-01-30 |
| CVE-2018-1171 json | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7 - HIGH | 2018-03-19 | 2020-08-28 |
| CVE-2018-1166 json | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7.8 - HIGH | 2018-02-21 | 2019-10-09 |
| CVE-2018-1165 json | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-201708... | 7 - HIGH | 2018-02-21 | 2020-09-09 |
| CVE-2017-16005 json | Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs ... | 7.5 - HIGH | 2018-06-04 | 2019-10-09 |
| CVE-2017-10940 json | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center ... | 8.8 - HIGH | 2017-10-31 | 2019-10-09 |
| CVE-2016-9040 json | An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability... | 5.5 - MEDIUM | 2018-09-07 | 2022-12-14 |
| CVE-2016-9039 json | An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pr... | 5.5 - MEDIUM | 2017-01-31 | 2022-04-19 |
| CVE-2016-9035 json | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9034 json | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9033 json | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9032 json | An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is prese... | 7 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-9031 json | An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pres... | 7.8 - HIGH | 2016-12-14 | 2022-12-13 |
| CVE-2016-8733 json | An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is pres... | 8.8 - HIGH | 2016-12-14 | 2022-12-13 |
Known software with vulnerabilities from Joyent
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Joyent | Http-signature | 0.10.0 |
| Application | Joyent | Json | - |
| Application | Joyent | Node.js | 0.6.1 |
| Operating System | Joyent | Smartos | 20120614 |
| Application | Joyent | Sshpk | 1.0.0 |
| Application | Joyent | Triton Datacenter | - |