Lucene search

PRIOn knowledge basePRION:CVE-2020-8251

HistorySep 18, 2020 - 9:15 p.m.

Design/Logic Flaw

2020-09-1821:15:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.4%

JSON

Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.

CPENameOperatorVersion
fedoraeq33
node.jsge14.0.0
node.jslt14.11.0

Name	Operator	Version
fedora	eq	33
node.js	ge	14.0.0
node.js	lt	14.11.0

References

hackerone.com/reports/868834

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6/

nodejs.org/en/blog/vulnerability/september-2020-security-releases/

security.gentoo.org/glsa/202101-07

security.netapp.com/advisory/ntap-20201009-0004/