[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-8252":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":72,"aliases":73,"duplicate_of":9,"upstream":74,"downstream":75,"duplicates":110,"related":111,"reserved_at":9,"published_at":120,"modified_at":121,"state":122,"summary":123,"references_raw":132,"kevs":176,"epss":177,"epss_history":180,"metrics":445,"affected":455},"CVE-2020-8252","The implementation of realpath in libuv \u003C 10.22.1, \u003C 12.18.4, and \u003C 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-120","Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')","The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.","weakness","Incomplete","Base","High",[20,24,28,32,36,40,44,48,52,56,60,64,68],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":33,"name":34,"techniques":35},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-42","MIME Conversion",[],{"id":41,"name":42,"techniques":43},"CAPEC-44","Overflow Binary Resource File",[],{"id":45,"name":46,"techniques":47},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":49,"name":50,"techniques":51},"CAPEC-46","Overflow Variables and Tags",[],{"id":53,"name":54,"techniques":55},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":57,"name":58,"techniques":59},"CAPEC-67","String Format Overflow in syslog()",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"id":69,"name":70,"techniques":71},"CAPEC-92","Forced Integer Overflow",[],[],[],[],[76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108],{"_key":77},"ALPINE-CVE-2020-8252",{"_key":79},"SUSE-SU-2020:2829-1",{"_key":81},"SUSE-SU-2020:2812-1",{"_key":83},"SUSE-SU-2020:2813-1",{"_key":85},"SUSE-SU-2020:2823-1",{"_key":87},"OPENSUSE-SU-2020:1616-1",{"_key":89},"OPENSUSE-SU-2020:1660-1",{"_key":91},"MGASA-2020-0372",{"_key":93},"MGASA-2020-0398",{"_key":95},"UBUNTU-CVE-2020-8252",{"_key":97},"USN-4548-1",{"_key":99},"DEBIAN-CVE-2020-8252",{"_key":101},"RHSA-2020:4272",{"_key":103},"RHSA-2020:4903",{"_key":105},"RHSA-2020:5086",{"_key":107},"RHSA-2021:0521",{"_key":109},"RHSA-2021:0548",[],[112,113,114,115,116,117,118,119],{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},"2020-09-18T20:11:51.000Z","2025-04-30T22:24:26.861Z","Modified",{"cisa_kev":124,"cisa_ransomware":124,"cisa_vendor":9,"epss_severity":125,"epss_score":126,"severity":127,"severity_score":128,"severity_version":129,"severity_source":130,"severity_vector":131,"severity_status":122},false,"low",0.00181,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[133,140,146,151,156,161,166,171],{"url":134,"sources":135,"tags":137},"https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/",[136,130],"cve.org",[138,139],"X Refsource MISC","Vendor Advisory",{"url":141,"sources":142,"tags":143},"https://hackerone.com/reports/965914",[136,130],[138,144,145],"Permissions Required","Third Party Advisory",{"url":147,"sources":148,"tags":149},"https://security.gentoo.org/glsa/202009-15",[136,130],[139,150,145],"X Refsource GENTOO",{"url":152,"sources":153,"tags":154},"https://usn.ubuntu.com/4548-1/",[136,130],[139,155,145],"X Refsource UBUNTU",{"url":157,"sources":158,"tags":159},"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00011.html",[136,130],[139,160,145],"X Refsource SUSE",{"url":162,"sources":163,"tags":164},"https://security.netapp.com/advisory/ntap-20201009-0004/",[136,130],[165,145],"X Refsource CONFIRM",{"url":167,"sources":168,"tags":169},"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00023.html",[136,130],[139,160,170,145],"Mailing List",{"url":172,"sources":173,"tags":174},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/",[136,130],[139,175],"X Refsource FEDORA",[],{"date":178,"score":126,"percentile":179},"2026-06-04",0.39444,[181,185,188,191,194,197,200,203,206,209,212,215,218,221,224,228,231,234,236,239,242,245,248,250,252,255,258,261,265,268,271,274,277,280,283,286,289,292,295,298,300,303,306,309,311,314,317,320,322,325,328,330,333,336,339,342,345,347,349,352,355,358,361,364,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,429,432,435,438,441],{"date":182,"score":183,"percentile":184},"2025-11-04",0.00198,0.42056,{"date":186,"score":183,"percentile":187},"2025-11-05",0.42046,{"date":189,"score":183,"percentile":190},"2025-11-06",0.42059,{"date":192,"score":183,"percentile":193},"2025-11-07",0.42083,{"date":195,"score":183,"percentile":196},"2025-11-08",0.42075,{"date":198,"score":183,"percentile":199},"2025-11-09",0.42052,{"date":201,"score":183,"percentile":202},"2025-11-10",0.42018,{"date":204,"score":183,"percentile":205},"2025-11-11",0.42035,{"date":207,"score":183,"percentile":208},"2025-11-12",0.42069,{"date":210,"score":183,"percentile":211},"2025-11-13",0.42082,{"date":213,"score":183,"percentile":214},"2025-11-14",0.42084,{"date":216,"score":183,"percentile":217},"2025-11-15",0.42081,{"date":219,"score":183,"percentile":220},"2025-11-16",0.42068,{"date":222,"score":183,"percentile":223},"2025-11-17",0.42039,{"date":225,"score":226,"percentile":227},"2025-11-18",0.01259,0.77627,{"date":229,"score":226,"percentile":230},"2025-11-19",0.77635,{"date":232,"score":226,"percentile":233},"2025-11-20",0.77643,{"date":235,"score":183,"percentile":205},"2025-11-21",{"date":237,"score":183,"percentile":238},"2025-11-22",0.42037,{"date":240,"score":183,"percentile":241},"2025-11-23",0.42009,{"date":243,"score":183,"percentile":244},"2025-11-24",0.42,{"date":246,"score":183,"percentile":247},"2025-11-25",0.42014,{"date":249,"score":183,"percentile":241},"2025-11-26",{"date":251,"score":183,"percentile":247},"2025-11-27",{"date":253,"score":183,"percentile":254},"2025-11-28",0.41985,{"date":256,"score":183,"percentile":257},"2025-11-29",0.41958,{"date":259,"score":183,"percentile":260},"2025-11-30",0.41938,{"date":262,"score":263,"percentile":264},"2025-12-01",0.00231,0.45844,{"date":266,"score":263,"percentile":267},"2025-12-02",0.45859,{"date":269,"score":263,"percentile":270},"2025-12-03",0.45852,{"date":272,"score":183,"percentile":273},"2025-12-04",0.41937,{"date":275,"score":183,"percentile":276},"2025-12-05",0.41962,{"date":278,"score":183,"percentile":279},"2025-12-06",0.4195,{"date":281,"score":183,"percentile":282},"2025-12-07",0.41928,{"date":284,"score":183,"percentile":285},"2025-12-08",0.41934,{"date":287,"score":183,"percentile":288},"2025-12-09",0.41968,{"date":290,"score":183,"percentile":291},"2025-12-10",0.42027,{"date":293,"score":183,"percentile":294},"2025-12-11",0.42057,{"date":296,"score":183,"percentile":297},"2025-12-12",0.42085,{"date":299,"score":183,"percentile":220},"2025-12-13",{"date":301,"score":183,"percentile":302},"2025-12-14",0.42024,{"date":304,"score":183,"percentile":305},"2025-12-15",0.42011,{"date":307,"score":183,"percentile":308},"2025-12-16",0.4204,{"date":310,"score":183,"percentile":217},"2025-12-17",{"date":312,"score":183,"percentile":313},"2025-12-18",0.42119,{"date":315,"score":183,"percentile":316},"2025-12-19",0.42134,{"date":318,"score":183,"percentile":319},"2025-12-20",0.42113,{"date":321,"score":183,"percentile":196},"2025-12-21",{"date":323,"score":183,"percentile":324},"2025-12-22",0.4205,{"date":326,"score":183,"percentile":327},"2025-12-23",0.42051,{"date":329,"score":183,"percentile":220},"2025-12-24",{"date":331,"score":183,"percentile":332},"2025-12-25",0.42117,{"date":334,"score":183,"percentile":335},"2025-12-26",0.421,{"date":337,"score":183,"percentile":338},"2025-12-27",0.42111,{"date":340,"score":183,"percentile":341},"2025-12-28",0.42028,{"date":343,"score":183,"percentile":344},"2025-12-29",0.4201,{"date":346,"score":183,"percentile":244},"2025-12-30",{"date":348,"score":183,"percentile":187},"2025-12-31",{"date":350,"score":263,"percentile":351},"2026-01-01",0.4596,{"date":353,"score":263,"percentile":354},"2026-01-02",0.45937,{"date":356,"score":263,"percentile":357},"2026-01-03",0.45924,{"date":359,"score":183,"percentile":360},"2026-01-04",0.41987,{"date":362,"score":183,"percentile":363},"2026-01-05",0.41963,{"date":365,"score":183,"percentile":363},"2026-01-06",{"date":367,"score":183,"percentile":368},"2026-01-07",0.41984,{"date":370,"score":183,"percentile":371},"2026-01-08",0.42012,{"date":373,"score":183,"percentile":374},"2026-01-09",0.41993,{"date":376,"score":183,"percentile":377},"2026-01-10",0.41992,{"date":379,"score":183,"percentile":380},"2026-01-11",0.41964,{"date":382,"score":183,"percentile":383},"2026-01-12",0.41914,{"date":385,"score":183,"percentile":386},"2026-01-13",0.41891,{"date":388,"score":183,"percentile":389},"2026-01-14",0.41941,{"date":391,"score":183,"percentile":392},"2026-01-15",0.41932,{"date":394,"score":183,"percentile":395},"2026-01-16",0.41952,{"date":397,"score":183,"percentile":398},"2026-01-17",0.41925,{"date":400,"score":183,"percentile":401},"2026-01-18",0.41892,{"date":403,"score":183,"percentile":404},"2026-01-19",0.41862,{"date":406,"score":183,"percentile":407},"2026-01-20",0.41852,{"date":409,"score":183,"percentile":410},"2026-01-21",0.41855,{"date":412,"score":183,"percentile":413},"2026-01-22",0.4185,{"date":415,"score":183,"percentile":416},"2026-01-23",0.41908,{"date":418,"score":126,"percentile":419},"2026-01-24",0.39922,{"date":421,"score":126,"percentile":422},"2026-01-25",0.39875,{"date":424,"score":126,"percentile":425},"2026-01-26",0.3982,{"date":427,"score":126,"percentile":428},"2026-01-27",0.39817,{"date":430,"score":126,"percentile":431},"2026-01-28",0.39813,{"date":433,"score":126,"percentile":434},"2026-01-29",0.39791,{"date":436,"score":126,"percentile":437},"2026-01-30",0.39794,{"date":439,"score":126,"percentile":440},"2026-01-31",0.39804,{"date":442,"score":443,"percentile":444},"2026-02-01",0.00211,0.43566,[446],{"source":130,"cvss_v2_0":447,"cvss_v3_0":9,"cvss_v3_1":452,"cvss_v4_0":9},{"baseScore":448,"baseSeverity":9,"vectorString":449,"impactScore":450,"exploitabilityScore":451},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",6.4,3.9,{"baseScore":128,"baseSeverity":453,"vectorString":131,"impactScore":454,"exploitabilityScore":448},"HIGH",9.8,[456,464,516,528],{"ecosystem":9,"name":457,"vendor":458,"product":457,"cpe_part":459,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":460},"fedora","fedoraproject","o",[461],{"version":462,"is_range":124,"range_type":463,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33","cpe",{"ecosystem":9,"name":465,"vendor":466,"product":465,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":468},"node","nodejs","a",[469,476,480,484,488,492,496,500,504,508,512],{"version":470,"is_range":471,"range_type":136,"version_start":472,"version_start_type":473,"version_end":474,"version_end_type":475,"fixed_in":9},">= 4.0, \u003C 4.*",true,"4.0","including","4.*","excluding",{"version":477,"is_range":471,"range_type":136,"version_start":478,"version_start_type":473,"version_end":479,"version_end_type":475,"fixed_in":9},">= 5.0, \u003C 5.*","5.0","5.*",{"version":481,"is_range":471,"range_type":136,"version_start":482,"version_start_type":473,"version_end":483,"version_end_type":475,"fixed_in":9},">= 6.0, \u003C 6.*","6.0","6.*",{"version":485,"is_range":471,"range_type":136,"version_start":486,"version_start_type":473,"version_end":487,"version_end_type":475,"fixed_in":9},">= 7.0, \u003C 7.*","7.0","7.*",{"version":489,"is_range":471,"range_type":136,"version_start":490,"version_start_type":473,"version_end":491,"version_end_type":475,"fixed_in":9},">= 8.0, \u003C 8.*","8.0","8.*",{"version":493,"is_range":471,"range_type":136,"version_start":494,"version_start_type":473,"version_end":495,"version_end_type":475,"fixed_in":9},">= 9.0, \u003C 9.*","9.0","9.*",{"version":497,"is_range":471,"range_type":136,"version_start":498,"version_start_type":473,"version_end":499,"version_end_type":475,"fixed_in":9},">= 10.0, \u003C 10.22.1","10.0","10.22.1",{"version":501,"is_range":471,"range_type":136,"version_start":502,"version_start_type":473,"version_end":503,"version_end_type":475,"fixed_in":9},">= 11.0, \u003C 11.*","11.0","11.*",{"version":505,"is_range":471,"range_type":136,"version_start":506,"version_start_type":473,"version_end":507,"version_end_type":475,"fixed_in":9},">= 12.0, \u003C 12.18.4","12.0","12.18.4",{"version":509,"is_range":471,"range_type":136,"version_start":510,"version_start_type":473,"version_end":511,"version_end_type":475,"fixed_in":9},">= 13.0, \u003C 13.*","13.0","13.*",{"version":513,"is_range":471,"range_type":136,"version_start":514,"version_start_type":473,"version_end":515,"version_end_type":475,"fixed_in":9},">= 14.0, \u003C 14.9.0","14.0","14.9.0",{"ecosystem":9,"name":517,"vendor":466,"product":517,"cpe_part":467,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"node.js",[519,522,525],{"version":520,"is_range":471,"range_type":463,"version_start":521,"version_start_type":473,"version_end":499,"version_end_type":475,"fixed_in":9},"gte10.0.0_lt10.22.1","10.0.0",{"version":523,"is_range":471,"range_type":463,"version_start":524,"version_start_type":473,"version_end":507,"version_end_type":475,"fixed_in":9},"gte12.0.0_lt12.18.4","12.0.0",{"version":526,"is_range":471,"range_type":463,"version_start":527,"version_start_type":473,"version_end":515,"version_end_type":475,"fixed_in":9},"gte14.0.0_lt14.9.0","14.0.0",{"ecosystem":9,"name":529,"vendor":530,"product":529,"cpe_part":459,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":531},"leap","opensuse",[532],{"version":533,"is_range":124,"range_type":463,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.2"]