Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Node.js: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests

🗓️ 08 May 2020 07:45:07Reported by shogunpandaType 
hackerone
 hackerone🔗 hackerone.com👁 210 Views

Node.js is vulnerable to denial of service (DOS) attacks due to unfinished HTTP/1.1 requests, leading to resource exhaustion

Related
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Node.js upgrade for IBM Cloud Pak for Data Streams Flows
30 Nov 202016:40
ibm
IBM Security Bulletins		Security Bulletin: IBM Event Streams is affected by multiple Node.js vulnerabilities
15 Jan 202114:41
ibm
IBM Security Bulletins		Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability
15 Dec 202017:43
ibm
IBM Security Bulletins		Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js
9 Dec 202004:41
ibm
IBM Security Bulletins		Security Bulletin: IBM DataPower Gateway vulnerable to a DoS
19 Aug 202116:09
ibm
IBM Security Bulletins		Security Bulletin: Vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus
20 Nov 202020:41
ibm
IBM Security Bulletins		Security Bulletin: IBM Cloud Transformation Advisor is affected by multiple Node.js vulnerabilities.
14 Dec 202015:16
ibm
IBM Security Bulletins		Security Bulletin: Potential vulnerability with Node.js
9 Dec 202016:31
ibm
IBM Security Bulletins		Security Bulletin: IBM Cloud Private is vulnerable to Node.js vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251)
26 Feb 202115:33
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in node.js may affect configuration editor used in IBM Business Automation Workflow and IBM Business Process Manager (BPM) - CVE-2020-8201, CVE-2020-8252, CVE-2020-8251
11 Dec 202007:41
ibm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Oct 2020 19:24Current
EPSS0.04991
$250
node.jsdenial of servicedos attackshttp/1.1 requestsresource exhaustionserver timeoutserver headers timeoutfastifyrestifybusboyraw-bodybody parsingrequest bodytimeoutslowloris attacks
210