CVE-2018-5407

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-5407
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5407.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-5407
Downstream
Related
Published
2018-11-15T21:29:00.233Z
Modified
2026-02-03T07:02:55.652203Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.

References

Affected packages

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
cf41627411886000429bde058a6594fb7f6d6d47
Fixed
03b825811ed4af0addcdf6e75bacb3dc1c4c5940
Introduced
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Fixed
0cae3c3fe5e3f4c275701446a4baf1f2727344f6
Fixed
1cb5aed5f596a9cb5b68e3a676222c0c35501a5e
Fixed
3e1492ad3b7dd37ecc134bc46a7ed4f04d84070f
Fixed
ce3e3c5fe15479475c068482c48eb9cbf1ac9df5

Affected versions

v10.*
v10.0.0
v10.1.0
v10.2.0
v10.2.1
v10.3.0
v10.4.0
v10.4.1
v10.5.0
v10.6.0
v10.7.0
v10.8.0
v8.*
v8.0.0
v8.1.0
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.10.0
v8.11.0
v8.11.1
v8.11.2
v8.11.3
v8.2.0
v8.2.1
v8.3.0
v8.4.0
v8.5.0
v8.6.0
v8.7.0
v8.8.0
v8.8.1
v8.9.0
v8.9.1
v8.9.2
v8.9.3
v8.9.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-5407.json"