First published: Wed Nov 28 2018(Updated: )
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Credit: cve-request@iojs.org cve-request@iojs.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nodejs | <6.15.1 | 6.15.1 |
redhat/nodejs | <8.14.0 | 8.14.0 |
redhat/nodejs | <10.14.0 | 10.14.0 |
redhat/nodejs | <11.3.0 | 11.3.0 |
Nodejs Node.js | >=6.0.0<6.15.1 | |
Nodejs Node.js | >=8.0.0<8.14.0 | |
Nodejs Node.js | >=10.0.0<10.14.0 | |
Nodejs Node.js | >=11.0.0<11.3.0 | |
Suse Suse Enterprise Storage | =4 | |
SUSE SUSE Linux Enterprise Server | =12 | |
SUSE SUSE Linux Enterprise Server | =15 | |
Suse Suse Openstack Cloud | =7 | |
Suse Suse Openstack Cloud | =8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this Node.js vulnerability is CVE-2018-12122.
The title of this Node.js vulnerability is 'Slowloris HTTP Denial of Service.'
CVE-2018-12122 has a severity rating of high (7.5).
This vulnerability affects all versions of Node.js prior to 6.15.0, 8.14.0, 10.14.0, and 11.3.0.
To fix the CVE-2018-12122 vulnerability, you should update Node.js to version 6.15.1, 8.14.0, 10.14.0, or 11.3.0 depending on your version.