A potential vulnerability has been identified related to Node.js. Refer to details for additional information.
CVEID:CVE-2020-8277
**DESCRIPTION:**Node.js is vulnerable to a denial of service. By getting the application to resolve a DNS record with a larger number of responses, an attacker could exploit this vulnerability to trigger a DNS request for a host of their choice resulting in a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191755 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
WA for ICP | 1.4.2, 1.5.0 |
Upgrade to the latest (4.0.0) release of WA for CP4D which maintains backward compatibility with the versions listed above.
None
CPE | Name | Operator | Version |
---|---|---|---|
watson developer cloud | eq | 4.0.0 |