Lucene search
K

nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass

🗓️ 01 Oct 2019 10:03:49Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 4 Views

Node.js Slowloris fix bypass enables DoS by sending two crafted requests on a single connection.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: A vulnerability in Node.js affects IBM Cloud App Management V2018
6 Sep 201912:28
ibm
IBM Security Bulletins
Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2019-5739 CVE-2019-5737 CVE-2019-1559)
2 Jul 201917:50
ibm
IBM Security Bulletins
Security Bulletin: IBM Event Streams is affected by vulnerabilities in the shipped Node runtime
29 Mar 201910:55
ibm
IBM Security Bulletins
Security Bulletin: IBM API Connect is affected by a denial of service vulnerability in Node.js (CVE-2019-5737)
6 Jun 201915:40
ibm
IBM Security Bulletins
Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js denial of service vulnerability (CVE-2019-5737)
5 Dec 202219:00
ibm
IBM Security Bulletins
Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)
14 Sep 202215:02
ibm
IBM Security Bulletins
Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud
6 Jun 201920:05
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in Watson Openscale (Liberty, Java, node.js)
28 Jan 202018:42
ibm
IBM Security Bulletins
Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway
2 Apr 201905:10
ibm
IBM Security Bulletins
Security Bulletin: Secure Gateway is affected by multiple vulnerabilities
6 Jun 201917:15
ibm
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux7aarch64rh-nodejs100:3.2-3.el7rh-nodejs10-0:3.2-3.el7.aarch64.rpm
Red Hat Enterprise Linux7ppc64lerh-nodejs100:3.2-3.el7rh-nodejs10-0:3.2-3.el7.ppc64le.rpm
Red Hat Enterprise Linux7s390xrh-nodejs100:3.2-3.el7rh-nodejs10-0:3.2-3.el7.s390x.rpm
Red Hat Enterprise Linux7x86_64rh-nodejs100:3.2-3.el7rh-nodejs10-0:3.2-3.el7.x86_64.rpm
Red Hat Enterprise Linux7aarch64rh-nodejs10-nodejs0:10.16.3-3.el7rh-nodejs10-nodejs-0:10.16.3-3.el7.aarch64.rpm
Red Hat Enterprise Linux7ppc64lerh-nodejs10-nodejs0:10.16.3-3.el7rh-nodejs10-nodejs-0:10.16.3-3.el7.ppc64le.rpm
Red Hat Enterprise Linux7s390xrh-nodejs10-nodejs0:10.16.3-3.el7rh-nodejs10-nodejs-0:10.16.3-3.el7.s390x.rpm
Red Hat Enterprise Linux7x86_64rh-nodejs10-nodejs0:10.16.3-3.el7rh-nodejs10-nodejs-0:10.16.3-3.el7.x86_64.rpm
Red Hat Enterprise Linux7aarch64rh-nodejs10-nodejs-debuginfo0:10.16.3-3.el7rh-nodejs10-nodejs-debuginfo-0:10.16.3-3.el7.aarch64.rpm
Red Hat Enterprise Linux7ppc64lerh-nodejs10-nodejs-debuginfo0:10.16.3-3.el7rh-nodejs10-nodejs-debuginfo-0:10.16.3-3.el7.ppc64le.rpm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

01 Jul 2026 19:20Current
6.7Medium risk
Vulners AI Score6.7
CVSS 25
CVSS 3.17.5
EPSS0.16184
4