PT-2018-11029 · Node.Js+3 · Node.Js+3

Jan Maybach

Publicado

2018-11-27

Atualizado

2026-05-18

CVE-2018-12122

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Node.js versions prior to 6.15.0 Node.js versions prior to 8.14.0 Node.js versions prior to 10.14.0 Node.js versions prior to 11.3.0

Description The issue allows an attacker to cause a Denial of Service (DoS) by sending headers very slowly, keeping HTTP or HTTPS connections and associated resources alive for a long period of time.

Recommendations For versions prior to 6.15.0, update to version 6.15.0 or later. For versions prior to 8.14.0, update to version 8.14.0 or later. For versions prior to 10.14.0, update to version 10.14.0 or later. For versions prior to 11.3.0, update to version 11.3.0 or later.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

ALT-PU-2018-2749

BDU:2026-01429

CLEANSTART-2026-BD71263

CLEANSTART-2026-IS74202

CLEANSTART-2026-JR35772

CLEANSTART-2026-JY06700

CLEANSTART-2026-KN34553

CLEANSTART-2026-KZ45320

CLEANSTART-2026-LJ44720

CLEANSTART-2026-LN12820

CLEANSTART-2026-TX00223

CLEANSTART-2026-WI75198

CVE-2018-12122

MGASA-2019-0277

OPENSUSE-SU-2019:0089-1

OPENSUSE-SU-2019_0088-1

OPENSUSE-SU-2019_0089-1

OPENSUSE-SU-2019_0234-1

RHSA-2019:1821

RHSA-2019:2939

SUSE-SU-2019:0117-1

SUSE-SU-2019:0118-1

SUSE-SU-2019:0395-1

SUSE-SU-2019:14246-1

SUSE-SU-2019_14246-1

USN-4796-1

Produtos afetados

Alt Linux

Node.Js

Suse

Ubuntu

PT-2018-11029 · Node.Js+3 · Node.Js+3

CVE-2018-12122

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 438