Fedor Indutny

**Name of the Vulnerable Software and Affected Versions** Node.js versions 0.12.x through 0.12.8 Node.js versions 4.x through 4.2.2 Node.js versions 5.x through 5.1.0 **Description** The issue allows remote attackers to cause a denial of service, resulting in an uncaughtException and service outage, via a pipelined HTTP request. This occurs because the software does not ensure the availability of a parser for each HTTP socket. **Recommendations** For Node.js versions 0.12.x through 0.12.8, update to version 0.12.9 or later. For Node.js versions 4.x through 4.2.2, update to version 4.2.3 or later. For Node.js versions 5.x through 5.1.0, update to version 5.1.1 or later.