Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Node.js | Nodejs | 0.12.4 | 0.12.4 |
Node.js | Nodejs | 0.12.7 | 0.12.7 |
Node.js | Nodejs | 0.12.1 | 0.12.1 |
Node.js | Nodejs | 0.12.2 | 0.12.2 |
Node.js | Nodejs | 4.2.1 | 4.2.1 |
Node.js | Nodejs | 0.12.5 | 0.12.5 |
Node.js | Nodejs | 0.12.8 | 0.12.8 |
Node.js | Nodejs | 5.1.0 | 5.1.0 |
Node.js | Nodejs | 0.12.6 | 0.12.6 |
Node.js | Nodejs | 0.12.3 | 0.12.3 |
Node.js | Nodejs | 4.2.2 | 4.2.2 |
Node.js | Nodejs | 5.0.0 | 5.0.0 |
Node.js | Nodejs | 0.12.0 | 0.12.0 |
Node.js | Nodejs | 4.2.0 | 4.2.0 |