Lucene search

K
redhatRedHatRHSA-2023:5765
HistoryOct 17, 2023 - 8:48 a.m.

(RHSA-2023:5765) Important: nodejs security update

2023-10-1708:48:34
access.redhat.com
30
node.js
security update
http/2
ddos
vulnerability

0.732 High

EPSS

Percentile

98.1%

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.

Security Fix(es):

  • nodejs: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.