Lucene search
NodejsCVELIST:CVE-2018-7164HistoryJun 12, 2018 - 12:00 a.m.
CVE-2018-7164
2018-06-1200:00:00
nodejs
www.cve.org
1
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour.
CNA Affected
[
{
"product": "Node.js",
"vendor": "The Node.js Project",
"versions": [
{
"status": "affected",
"version": "9.7.X+"
},
{
"status": "affected",
"version": "10.x+"
}
]
}
]Related
cbl_mariner
cbl_mariner
CVE-2018-7164 affecting package nodejs 8.11.4-7
2021-08-11 06:39:34
osv
osv
CVE-2018-7164
2018-06-13 16:29:01
redhatcve
redhatcve
CVE-2018-7164
2020-04-01 13:58:28
veracode
veracode
Denial Of Service (DoS)
2018-07-31 05:45:54
debiancve
debiancve
CVE-2018-7164
2018-06-13 16:29:01
openvas
openvas
Node.js Denial-of-Service Vulnerability - 04 - Mac OS X
2018-07-10 00:00:00
Node.js Denial-of-Service Vulnerability - 04 - Windows
2018-07-09 00:00:00
prion
prion
Design/Logic Flaw
2018-06-13 16:29:00
cve
cve
CVE-2018-7164
2018-06-13 16:29:01
nvd
nvd
CVE-2018-7164
2018-06-13 16:29:01
ubuntucve
ubuntucve
CVE-2018-7164
2018-06-13 00:00:00
f5
f5
nodejsblog
nodejsblog
June 2018 Security Releases
2018-06-12 00:00:00
nessus
nessus
FreeBSD : node.js -- multiple vulnerabilities (45b8e2eb-7056-11e8-8fab-63ca6e0e13a2)
2018-06-15 00:00:00
Node.js multiple vulnerabilities (July 2018 Security Releases).
2018-11-14 00:00:00
GLSA-202003-48 : Node.js: Multiple vulnerabilities
2020-03-23 00:00:00
freebsd
freebsd
node.js -- multiple vulnerabilities
2018-06-12 00:00:00
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00