Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

msrc логотип

CVE-2019-5737

Опубликовано: 06 июн. 2021
Источник: msrc
CVSS3: 7.5
EPSS Средний

Описание

Описание отсутствует

Возможность эксплуатации

DOS

N/A

EPSS

Процентиль: 96%
0.29342
Средний

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-5737

CVSS3: 7.5
ubuntu
около 6 лет назад

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.

redhat логотип

CVE-2019-5737

CVSS3: 5.3
redhat
больше 6 лет назад

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.

nvd логотип

CVE-2019-5737

CVSS3: 7.5
nvd
около 6 лет назад

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service (DoS) by establishing an HTTP or HTTPS connection in keep-alive mode and by sending headers very slowly. This keeps the connection and associated resources alive for a long period of time. Potential attacks are mitigated by the use of a load balancer or other proxy layer. This vulnerability is an extension of CVE-2018-12121, addressed in November and impacts all active Node.js release lines including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1.

debian логотип

CVE-2019-5737

CVSS3: 7.5
debian
около 6 лет назад

In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before ...

suse-cvrf логотип

openSUSE-SU-2019:1211-1

suse-cvrf
около 6 лет назад

Security update for nodejs10

EPSS

Процентиль: 96%
0.29342
Средний

7.5 High

CVSS3