Lucene search
K

5 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/14 3:2 p.m.65 views

Security Bulletin: Security vulnerabilities in IBM SDK for Node.js might affect the configuration editor used by IBM Business Automation Workflow and IBM Business Process Manager (BPM)

Summary Security vulnerabilities have been reported for IBM SDK for Node.js. IBM Business Automation Workflow and IBM BPM include a stand-alone tool for editing configuration properties files that is based on IBM SDK for Node.js. Vulnerability Details CVEID: CVE-2019-9517 DESCRIPTION: Multiple...

7.4AI score0.87806EPSS
Exploits1Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 11:44 a.m.43 views

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Cloud App Management

Summary There are vulnerabilities in Node.js used by IBM® Cloud App Management. IBM® Cloud App Management has addressed the applicable CVEs in a later version. Vulnerability Details CVEID: CVE-2019-9513 DESCRIPTION: Multiple vendors are vulnerable to a denial of service, caused by a Resource Loop...

7.8CVSS0.9AI score0.87806EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.75 views

FreeBSD : NGINX -- Multiple vulnerabilities (87679fcb-be60-11e9-9051-4c72b94353b5) (0-Length Headers Leak) (Data Dribble) (Resource Loop)

NGINX Team reports : Several security issues were identified in nginx HTTP/2 implementation which might cause excessive memory consumption and CPU usage CVE-2019-9511, CVE-2019-9513, CVE-2019-9516. The issues affect nginx compiled with the ngxhttpv2module not compiled by default if the http2 opti...

7.8CVSS7.4AI score0.82017EPSS
Exploits0References5
Node JS Blog
Node JS Blog
added 2019/08/16 12:0 a.m.65 views

August 2019 Security Releases

August 2019 Security Releases Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for more information. Updates are now available for all...

7.8CVSS7.7AI score0.87806EPSS
Exploits1
CERT
CERT
added 2019/08/13 12:0 a.m.127 views

HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion

Overview Multiple HTTP/2 implementations are vulnerable to a variety of denial-of-service DoS attacks. Description The Security Considerations section of RFC7540 discusses some of the considerations needed for HTTP/2 connections as they demand more resources to operate than HTTP/1.1 connections...

7.8CVSS7.7AI score0.87806EPSS
Exploits1References6
Rows per page
Query Builder