FreeBSD45B8E2EB-7056-11E8-8FAB-63CA6E0E13A2node.js -- multiple vulnerabilities
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.042 Low
EPSS
Percentile
92.2%
Node.js reports:
Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)
All versions of 8.x and later are vulnerable and the severity is
HIGH. An attacker can cause a denial of service (DoS) by causing a
node server providing an http2 server to crash. This can be
accomplished by interacting with the http2 server in a manner that
triggers a cleanup bug where objects are used in native code after
they are no longer available. This has been addressed by updating
the http2 implementation. Thanks to Jordan Zebor at F5 Networks for
reporting this issue.
Denial of Service, nghttp2 dependency (CVE-2018-1000168)
All versions of 9.x and later are vulnerable and the severity is
HIGH. Under certain conditions, a malicious client can trigger an
uninitialized read (and a subsequent segfault) by sending a
malformed ALTSVC frame. This has been addressed through an by
updating nghttp2.
Denial of Service Vulnerability in TLS (CVE-2018-7162)
All versions of 9.x and later are vulnerable and the severity is
HIGH. An attacker can cause a denial of service (DoS) by causing a
node process which provides an http server supporting TLS server to
crash. This can be accomplished by sending duplicate/unexpected
messages during the handshake. This vulnerability has been addressed
by updating the TLS implementation. Thanks to Jordan Zebor at F5
Networks all of his help investigating this issue with the Node.js
team.
Memory exhaustion DoS on v9.x (CVE-2018-7164)
Versions 9.7.0 and later are vulnerable and the severity is MEDIUM.
A bug introduced in 9.7.0 increases the memory consumed when reading
from the network into JavaScript using the net.Socket object
directly as a stream. An attacker could use this cause a denial of
service by sending tiny chunks of data in short succession. This
vulnerability was restored by reverting to the prior behaviour.
Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)
Calling Buffer.fill() or Buffer.alloc() with some parameters can
lead to a hang which could result in a Denial of Service. In order
to address this vulnerability, the implementations of Buffer.alloc()
and Buffer.fill() were updated so that they zero fill instead of
hanging in these cases.
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.042 Low
EPSS
Percentile
92.2%