Node.js Multiple Denial of Service Vulnerabilities

Bugtraq ID:	106363
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2018-7161 CVE-2018-7167
Remote:	Yes
Local:	No
Published:	Jun 06 2019 12:00AM
Updated:	Jun 06 2019 12:00AM
Credit:	Jordan Zebor at F5
Vulnerable:	Nodejs Node.Js 10.4 Nodejs Node.Js 10.3 Nodejs Node.Js 10.2.1 Nodejs Node.Js 10.2 Nodejs Node.Js 10.1 Nodejs Node.Js 10.0 Nodejs Node.Js 9.11.1 Nodejs Node.Js 9.11 Nodejs Node.Js 9.10.1 Nodejs Node.Js 9.10 Nodejs Node.Js 9.7.1 Nodejs Node.Js 9.7 Nodejs Node.Js 9.6.1 Nodejs Node.Js 9.6 Nodejs Node.Js 9.5 Nodejs Node.Js 8.11.2 Nodejs Node.Js 8.8 Nodejs Node.Js 8.6 Nodejs Node.Js 8.5 Nodejs Node.Js 6.14.2 Nodejs Node.Js 6.11.5 Nodejs Node.Js 6.11.4 Nodejs Node.Js 6.7 Nodejs Node.Js 8.0 Nodejs Node.Js 6.0
Not Vulnerable:	Nodejs Node.Js 10.4.1 Nodejs Node.Js 9.11.2 Nodejs Node.Js 8.11.3 Nodejs Node.Js 6.14.3

Node.js Multiple Denial of Service Vulnerabilities

Node.js is prone to multiple denial-of-service vulnerabilities.

Attackers can exploit these issues to cause a denial-of-service condition, denying service to legitimate users.

Node.js Multiple Denial of Service Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Node.js Multiple Denial of Service Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Node.js Multiple Denial of Service Vulnerabilities

References:

• Node.js Homepage (Joyent)
  
• June 2018 Security Releases (Node.js)