Lucene search
+L

70 matches found

redhat
redhat
added yesterday6 views

nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service...

7.5CVSS6.6AI score0.00656EPSS
Exploits0References5
redhat
redhat
added yesterday5 views

Important: Red Hat Security Advisory: nodejs:24 security, bug fix, and enhancement update

An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References17
osv
osv
added 6 days ago4 views

RLSA-2026:35841 Important: nodejs24 security, bug fix, and enhancement update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

8.1CVSS6.5AI score0.02806EPSS
Exploits1References16
rocky
rocky
added 6 days ago9 views

nodejs24 security, bug fix, and enhancement update

An update is available for nodejs24. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a platform built on Chrome's JavaScript runtime for easily...

9.8CVSS6.1AI score0.02806EPSS
Exploits1
osv
osv
added 2026/07/06 8:22 p.m.3 views

SUSE-SU-2026:22565-1 Security update for nodejs24

This update for nodejs24 fixes the following issues Update to version 24.18.0 bsc1269825. Security issues fixed: - CVE-2026-2581: undici: denial of service due to uncontrolled resource consumption bsc1268480. - CVE-2026-6733: undici: response queue poisoning on reused keep-alive sockets can lead ...

9.8CVSS6.1AI score0.02806EPSS
Exploits3References44
redhat
redhat
added 2026/07/06 3:7 p.m.6 views

nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service...

7.5CVSS6.7AI score0.00656EPSS
Exploits0References5
redhat
redhat
added 2026/07/06 2:47 p.m.6 views

nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service...

7.5CVSS6.7AI score0.00656EPSS
Exploits0References5
redhat
redhat
added 2026/07/06 5:32 a.m.9 views

nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service...

7.5CVSS5.9AI score0.00656EPSS
Exploits0References5
redhat
redhat
added 2026/07/06 4:52 a.m.7 views

nodejs: Node.js: Denial of Service via unlimited HTTP/2 ORIGIN frames

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service...

7.5CVSS6.4AI score0.00656EPSS
Exploits0References5
osv
osv
added 2026/07/06 12:0 a.m.5 views

ALSA-2026:35891 Important: nodejs:24 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input CVE-2026-42338 undici: undici: Denial of Service due to...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
osv
osv
added 2026/06/29 5:48 a.m.5 views

BIT-NODE-MIN-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.3AI score0.00656EPSS
Exploits0References2
osv
osv
added 2026/06/29 5:48 a.m.6 views

BIT-NODE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6AI score0.00656EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/26 10:44 p.m.9 views

CVE-2026-48619

A flaw was found in Node.js. A malicious server can exploit the HTTP/2 client by sending an unlimited number of ORIGIN frames. This can lead to an Out of Memory error on the client, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently...

7.5CVSS5.9AI score0.00656EPSS
Exploits0References4
f5
f5
added 2026/06/26 6:39 a.m.10 views

K000161920: Node.js vulnerability CVE-2026-48619

Security Advisory Description A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26. CVE-2026-48619 Impa...

7.5CVSS6.3AI score0.00656EPSS
Exploits0
osv
osv
added 2026/06/26 2:16 a.m.3 views

ALPINE-CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.3AI score0.00656EPSS
Exploits0References1
nvd
nvd
added 2026/06/26 2:16 a.m.11 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS0.00656EPSS
Exploits0References1
osv
osv
added 2026/06/26 1:14 a.m.1 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.3CVSS6.8AI score0.00656EPSS
Exploits0References3
euvd
euvd
added 2026/06/26 1:14 a.m.10 views

EUVD-2026-39607

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

7.5CVSS6.5AI score0.00656EPSS
Exploits0References1
cve
cve
added 2026/06/26 1:14 a.m.53 views

CVE-2026-48619

CVE-2026-48619 describes a flaw in Node.js HTTP/2 client where a server can send an unlimited number of ORIGIN frames, potentially causing an Out of Memory (OOM) on the client. Affected releases are Node.js 22, 24, and 26. The June 2026 security releases provide fixes in updated versions: 22.23.0...

7.5CVSS6.7AI score0.00656EPSS
Exploits0References1Affected Software1
attackerkb
attackerkb
added 2026/06/26 1:14 a.m.9 views

CVE-2026-48619

A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

5.3CVSS6.5AI score0.00656EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder