Количество 7
Количество 7
CVE-2025-59465
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ```
CVE-2025-59465
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ```
CVE-2025-59465
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` dat ...
GHSA-w2pg-hw7v-f7m9
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ```
BDU:2026-00547
Уязвимость программной платформы Node.js, связанная с ошибкой обработки исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2026:0301-1
Security update for nodejs22
SUSE-SU-2026:0295-1
Security update for nodejs22
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-59465 A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ``` | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
 | CVE-2025-59465 A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ``` | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| CVE-2025-59465 A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` dat ... | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
| GHSA-w2pg-hw7v-f7m9 A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ``` | CVSS3: 7.5 | 0% Низкий | 14 дней назад |
 | BDU:2026-00547 Уязвимость программной платформы Node.js, связанная с ошибкой обработки исключительных состояний, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 22 дня назад |
 | SUSE-SU-2026:0301-1 Security update for nodejs22 | 8 дней назад | ||
| SUSE-SU-2026:0295-1 Security update for nodejs22 | 9 дней назад |
Уязвимостей на страницу