Lucene search
Redhat.comRH:CVE-2018-7164HistoryApr 01, 2020 - 1:58 p.m.
CVE-2018-7164
2020-04-0113:58:28
redhat.com
access.redhat.com
13
0.003 Low
EPSS
Percentile
68.1%
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour.
Related
openvas
openvas
Node.js Denial-of-Service Vulnerability - 04 - Windows
2018-07-09 00:00:00
Node.js Denial-of-Service Vulnerability - 04 - Mac OS X
2018-07-10 00:00:00
prion
prion
Design/Logic Flaw
2018-06-13 16:29:00
cbl_mariner
cbl_mariner
CVE-2018-7164 affecting package nodejs 8.11.4-7
2021-08-11 06:39:34
osv
osv
CVE-2018-7164
2018-06-13 16:29:01
veracode
veracode
Denial Of Service (DoS)
2018-07-31 05:45:54
debiancve
debiancve
CVE-2018-7164
2018-06-13 16:29:01
cvelist
cvelist
CVE-2018-7164
2018-06-12 00:00:00
cve
cve
CVE-2018-7164
2018-06-13 16:29:01
nvd
nvd
CVE-2018-7164
2018-06-13 16:29:01
ubuntucve
ubuntucve
CVE-2018-7164
2018-06-13 00:00:00
f5
f5
nodejsblog
nodejsblog
June 2018 Security Releases
2018-06-12 00:00:00
nessus
nessus
FreeBSD : node.js -- multiple vulnerabilities (45b8e2eb-7056-11e8-8fab-63ca6e0e13a2)
2018-06-15 00:00:00
Node.js multiple vulnerabilities (July 2018 Security Releases).
2018-11-14 00:00:00
GLSA-202003-48 : Node.js: Multiple vulnerabilities
2020-03-23 00:00:00
freebsd
freebsd
node.js -- multiple vulnerabilities
2018-06-12 00:00:00
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00