Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMD3FE4D2AC81C8DA33A63C992BC0C60AFFB3615B235D1AE8B2C93E601DA272F7A
HistoryApr 02, 2019 - 5:10 a.m.

Security Bulletin: Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

2019-04-0205:10:01
www.ibm.com
18

EPSS

0.015

Percentile

86.8%

JSON

Summary

Security Vulnerabilities in Node.js affect IBM Voice Gateway.

Vulnerability Details

CVEID: CVE-2019-5737 DESCRIPTION: Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode and sending headers very slowly to force the connection and associated resources to stay alive for a long period of time, a remote attacker could exploit this vulnerability to consume all available resources.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158093&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-5739 DESCRIPTION: Node.js is vulnerable to a denial of service. By establishing an HTTP or HTTPS connection in keep-alive mode forcing the connection to remain open and inactive for up to 2 minutes, a remote attacker could exploit this vulnerability to consume all available resources.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158096&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM Voice Gateway 1.0 - 1.0.0.8e

Remediation/Fixes

Upgrade to IBM Voice Gateway 1.0.1.0

Related

openvas 11
nessus 20
ibm 12
suse 3
freebsd 1
nodejsblog 1
cbl_mariner 1
cvelist 2
osv 5
debiancve 2
veracode 1
ubuntucve 2
redhatcve 2
cve 2
altlinux 1
nvd 2
prion 2
alpinelinux 1
mageia 1
gentoo 1
redhat 3
ubuntu 1
rocky 1
photon 4
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:0818-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0658-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for nodejs4 (openSUSE-SU-2019:1076-1)
2019-04-03 00:00:00
nessus
nessus
openSUSE Security Update : nodejs4 (openSUSE-2019-1076)
2019-03-29 00:00:00
openSUSE Security Update : nodejs6 (openSUSE-2019-1173)
2019-04-09 00:00:00
SUSE SLES12 Security Update : nodejs6 (SUSE-SU-2019:0818-1)
2019-04-01 00:00:00
ibm
ibm
Security Bulletin: Node.js as used in IBM QRadar Packet Capture is vulnerable to the following CVE's (CVE-2019-1559, CVE-2019-5737, CVE-2019-5739)
2019-09-17 17:32:30
Security Bulletin: Secure Gateway is affected by multiple vulnerabilities
2019-06-06 17:15:01
Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud
2019-06-06 20:05:02
suse
suse
Security update for nodejs6 (moderate)
2019-04-08 00:00:00
Security update for nodejs4 (moderate)
2019-03-28 00:00:00
Security update for nodejs10 (moderate)
2019-04-16 00:00:00
freebsd
freebsd
Node.js -- multiple vulnerabilities
2019-02-28 00:00:00
nodejsblog
nodejsblog
February 2019 Security Releases
2019-02-28 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-5737 affecting package nodejs 8.11.4-7
2021-08-11 06:39:34
cvelist
cvelist
CVE-2019-5739
2019-03-28 16:27:34
CVE-2019-5737
2019-03-28 16:20:28
osv
osv
CVE-2019-5739
2019-03-28 17:29:01
CVE-2019-5737
2019-03-28 17:29:01
Important: nodejs:10 security update
2019-09-30 07:07:29
debiancve
debiancve
CVE-2019-5739
2019-03-28 17:29:01
CVE-2019-5737
2019-03-28 17:29:01
veracode
veracode
Denial Of Service (DoS)
2019-03-04 05:31:23
ubuntucve
ubuntucve
CVE-2019-5739
2019-03-28 00:00:00
CVE-2019-5737
2019-03-28 00:00:00
redhatcve
redhatcve
CVE-2019-5739
2020-04-03 07:51:46
CVE-2019-5737
2020-03-01 07:37:24
cve
cve
CVE-2019-5739
2019-03-28 17:29:01
CVE-2019-5737
2019-03-28 17:29:01
altlinux
altlinux
Security fix for the ALT Linux 10 package node version 10.15.3-alt1
2019-03-09 00:00:00
nvd
nvd
CVE-2019-5739
2019-03-28 17:29:01
CVE-2019-5737
2019-03-28 17:29:01
prion
prion
Design/Logic Flaw
2019-03-28 17:29:00
Design/Logic Flaw
2019-03-28 17:29:00
alpinelinux
alpinelinux
CVE-2019-5737
2019-03-28 17:29:01
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2019-09-15 16:24:16
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00
redhat
redhat
(RHSA-2019:1821) Important: rh-nodejs8-nodejs security update
2019-07-22 13:09:06
(RHSA-2019:2925) Important: nodejs:10 security update
2019-09-30 07:07:29
(RHSA-2019:2939) Important: rh-nodejs10-nodejs security update
2019-09-30 23:10:11
ubuntu
ubuntu
Node.js vulnerabilities
2021-03-15 00:00:00
rocky
rocky
nodejs:10 security update
2019-09-30 07:07:29
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0190
2019-11-20 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0257
2019-11-20 00:00:00
Critical Photon OS Security Update - PHSA-2019-0190
2019-11-20 00:00:00

EPSS

0.015

Percentile

86.8%

JSON
Related for D3FE4D2AC81C8DA33A63C992BC0C60AFFB3615B235D1AE8B2C93E601DA272F7A
openvas11nessus20ibm12suse3freebsd1nodejsblog1cbl_mariner1cvelist2osv5debiancve2veracode1ubuntucve2redhatcve2cve2altlinux1nvd2prion2alpinelinux1mageia1gentoo1redhat3ubuntu1rocky1photon4