Lucene search
K

16 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2019-0277)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.9AI score0.41288EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2019:0658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.17139EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2019:0818-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.17139EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2020/04/03 7:51 a.m.24 views

CVE-2019-5739

Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service DoS attack...

7.5CVSS2.3AI score0.0505EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/17 5:32 p.m.36 views

Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVE's (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)

Summary Node.js as used in IBM QRadar Packet Capture is susceptible to the following vulnerabilities Vulnerability Details CVEID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after t...

7.5CVSS0.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/07/02 5:50 p.m.28 views

Security Bulletin: Multiple Security Vulnerabilities affect IBM Cloud Private (CVE-2019-5739 CVE-2019-5737 CVE-2019-1559)

Summary IBM Cloud Private is vulnerable to multiple security vulnerabilities in Node.js Vulnerability Details CVEID: CVE-2019-1559 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts...

7.5CVSS0.5AI score0.17139EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/06/06 8:5 p.m.28 views

Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM SDK for Node.js for IBM Cloud. IBM SDK for Node.js for IBM Cloud has addressed the applicable CVEs. Node.js vulnerabilities were disclosed by the Node.js foundation. Node.js is used by IBM SDK for Node.j...

7.5CVSS0.3AI score0.17139EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.50 views

openSUSE Security Update : nodejs6 (openSUSE-2019-1173)

This update for nodejs6 to version 6.17.0 fixes the following issues : Security issues fixed : - CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. - CVE-2019-5737: Fixed a potentially attack vector which could...

7.5CVSS6.3AI score0.17139EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2019/04/09 12:0 a.m.37 views

openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:1173-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.5AI score0.17139EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/04/08 12:0 a.m.104 views

Security update for nodejs6 (moderate)

openSUSE Security Update: Security update for nodejs6 Announcement ID: openSUSE-SU-2019:1173-1 Rating: moderate References: 1127080 1127532 1127533 Cross-References: CVE-2019-1559 CVE-2019-5737 CVE-2019-5739 Affected Products: openSUSE Leap 42.3 An update that fixes three vulnerabilities is now...

7.5CVSS6.7AI score0.17139EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2019/04/02 5:10 a.m.36 views

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

Summary Security Vulnerabilities in Node.js affect IBM Voice Gateway. Vulnerability Details CVEID: CVE-2019-5737 DESCRIPTION: Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and...

7.5CVSS0.9AI score0.16184EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/04/01 12:0 a.m.54 views

SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0818-1)

This update for nodejs6 to version 6.17.0 fixes the following issues : Security issues fixed : CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. CVE-2019-5737: Fixed a potentially attack vector which could lead ...

7.5CVSS6.4AI score0.17139EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2019/03/29 12:0 a.m.43 views

openSUSE Security Update : nodejs4 (openSUSE-2019-1076)

This update for nodejs4 fixes the following issues : Security issues fixed : - CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. - CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of...

7.5CVSS6.3AI score0.17139EPSS
Exploits0References6
CVE
CVE
added 2019/03/28 4:27 p.m.153 views

CVE-2019-5739

CVE-2019-5739 describes a denial-of-service vulnerability in Node.js keep-alive handling where HTTP/HTTPS connections could stay open up to 2 minutes on affected versions (Node.js ≤6.16.0). The issue is mitigated by Node.js 6.17.0+ introducing server.keepAliveTimeout (default 5 seconds); Node.js ...

7.5CVSS7.3AI score0.0505EPSS
Exploits0References5Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2019/03/28 12:0 a.m.140 views

Security update for nodejs4 (moderate)

openSUSE Security Update: Security update for nodejs4 Announcement ID: openSUSE-SU-2019:1076-1 Rating: moderate References: 1127080 1127532 1127533 Cross-References: CVE-2019-1559 CVE-2019-5737 CVE-2019-5739 Affected Products: openSUSE Leap 42.3 An update that fixes three vulnerabilities is now...

7.5CVSS7.5AI score0.17139EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/03/21 12:0 a.m.42 views

SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2019:0658-1)

This update for nodejs4 fixes the following issues : Security issues fixed : CVE-2019-5739: Fixed a potentially attack vector which could lead to Denial of Service when HTTP connection are kept active bsc1127533. CVE-2019-5737: Fixed a potentially attack vector which could lead to Denial of Servi...

7.5CVSS6.4AI score0.17139EPSS
Exploits0References10
Rows per page
Query Builder