Lucene search
K

38 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-5737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS by...

7.5CVSS7AI score0.16184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.33 views

Rocky Linux 8 : nodejs:10 (RLSA-2019:2925)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2925 advisory. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS...

7.8CVSS7.3AI score0.87806EPSS
Exploits1References18
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.4 views

SUSE CVE-2019-5737

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated...

5.3CVSS8.5AI score0.16184EPSS
Exploits0References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/12/05 7:0 p.m.26 views

Security Bulletin: IBM Cloud Transformation Advisor is affected by a Node.js denial of service vulnerability (CVE-2019-5737)

Summary IBM Cloud Transformation Advisor has addressed the following vulnerability. Node.js denial of service vulnerability CVE-2019-5737 Vulnerability Details CVEID:CVE-2019-5737 DESCRIPTION: Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive...

7.5CVSS7.4AI score0.16184EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2019-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.41288EPSS
Exploits0References23
CBLMariner
CBLMariner
added 2021/08/11 6:39 a.m.22 views

CVE-2019-5737 affecting package nodejs 8.11.4-7

CVE-2019-5737 affecting package nodejs 8.11.4-7. An upgraded version of the package is available that resolves this issue...

7.5CVSS7.4AI score0.16184EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:0818-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.17139EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2019:0658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.17139EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/29 12:0 a.m.63 views

CentOS 8 : nodejs:10 (CESA-2019:2925)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2925 advisory. - nodejs: Insufficient Slowloris fix causing DoS via server.headersTimeout bypass CVE-2019-5737 - HTTP/2: large amount of data requests leads to denial...

7.8CVSS7.2AI score0.87806EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2020/03/01 7:37 a.m.29 views

CVE-2019-5737

It was found that the original fix for Slowloris, CVE-2018-12122, was insufficient. It is possible to bypass the server's headersTimeout by sending two specially crafted HTTP requests in the same connection. An attacker could use this flaw to bypass Slowloris protection, resulting in a denial of...

7.5CVSS3.5AI score0.41288EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/12/31 12:0 a.m.38 views

Photon OS 1.0: Nodejs PHSA-2019-1.0-0257

An update of the nodejs package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0257. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13252...

7.5CVSS7.7AI score0.41288EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/17 5:32 p.m.36 views

Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVE's (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)

Summary Node.js as used in IBM QRadar Packet Capture is susceptible to the following vulnerabilities Vulnerability Details CVEID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after t...

7.5CVSS0.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/06 12:28 p.m.42 views

Security Bulletin: A vulnerability in Node.js affects IBM Cloud App Management V2018

Summary There is a vulnerability in Node.js used by IBM® Cloud App Management V2018. Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a lo...

7.5CVSS1.2AI score0.16184EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2019/07/22 1:39 p.m.121 views

Important: Red Hat Security Advisory: rh-nodejs8-nodejs security update

An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.41288EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/02 5:50 p.m.28 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2019-5739 CVE-2019-5737 CVE-2019-1559)

Summary IBM Cloud Private is vulnerable to multiple security vulnerabilities in Node.js Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts...

7.5CVSS0.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/06 8:5 p.m.28 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.j...

7.5CVSS0.3AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/06 3:40 p.m.30 views

Security Bulletin: IBM API Connect is affected by a denial of service vulnerability in Node.js (CVE-2019-5737)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-5737 DESCRIPTION: Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and...

7.5CVSS1.9AI score0.16184EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/17 12:0 a.m.45 views

openSUSE Security Update : nodejs10 (openSUSE-2019-1211)

This update for nodejs10 to version 10.1.2 fixes the following issue: Security issue fixed : - CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127532. This update was imported from the SUSE:SLE-12:Update update projec...

7.5CVSS7.1AI score0.16184EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2019/04/17 12:0 a.m.31 views

openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2019:1211-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.8AI score0.16184EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.50 views

openSUSE Security Update : nodejs6 (openSUSE-2019-1173)

This update for nodejs6 to version 6.17.0 fixes the following issues : Security issues fixed : - CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. - CVE-2019-5737: Fixed a potentially attack vector which could...

7.5CVSS6.3AI score0.17139EPSS
Exploits0References7
Rows per page
Query Builder