Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106043 | Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2019:1821 | Third Party Advisory |
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ | Patch Vendor Advisory |
https://security.gentoo.org/glsa/202003-48 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
06 Sep 2022, 17:57
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1821 - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202003-48 - Third Party Advisory | |
CPE | cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:* |
cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:* |
Information
Published : 2018-11-28 17:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-12122
Mitre link : CVE-2018-12122
CVE.ORG link : CVE-2018-12122
JSON object : View
Products Affected
nodejs
- node.js
suse
- suse_enterprise_storage
- suse_linux_enterprise_server
- suse_openstack_cloud
CWE
CWE-400
Uncontrolled Resource Consumption