Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.
CVSS Information
N/A
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Joyent Node.js 资源管理错误漏洞
Vulnerability Description
Joyent Node.js是美国Joyent公司的一套建立在Google V8 JavaScript引擎之上的网络应用平台。该平台主要用于构建高度可伸缩的应用程序,以及编写能够处理数万条且同时连接到一个物理机的连接代码。 Joyent Node.js中存在资源管理错误漏洞。攻击者可利用该漏洞造成拒绝服务(HTTP服务器异常终止)。以下版本受到影响:Joyent Node.js 6.15.0之前版本,8.14.0之前版本,10.14.0之前版本,11.3.0之前版本。
CVSS Information
N/A
Vulnerability Type
N/A