Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory consumption and potential denial of service under certain conditions. This vulnerability affects HTTP/2 Server users on Node.js v18.x, v20.x, v22.x and v23.x.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Node.js 安全漏洞
Vulnerability Description
Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js v18.x版本、v20.x版本、v22.x版本和 v23.x版本存在安全漏洞,该漏洞源于当远程对等端突然关闭套接字而不发送 GOAWAY 通知时,可能会发生内存泄漏,导致内存消耗增加或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A