Lucene search
Redhat.comRH:CVE-2019-5739HistoryApr 03, 2020 - 7:51 a.m.
CVE-2019-5739
2020-04-0307:51:46
redhat.com
access.redhat.com
12
0.004 Low
EPSS
Percentile
73.6%
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and earlier is a potential Denial of Service (DoS) attack vector. Node.js 6.17.0 introduces server.keepAliveTimeout and the 5-second default.
Related
cve
cve
CVE-2019-5739
2019-03-28 17:29:01
ubuntucve
ubuntucve
CVE-2019-5739
2019-03-28 00:00:00
nvd
nvd
CVE-2019-5739
2019-03-28 17:29:01
prion
prion
Design/Logic Flaw
2019-03-28 17:29:00
osv
osv
CVE-2019-5739
2019-03-28 17:29:01
debiancve
debiancve
CVE-2019-5739
2019-03-28 17:29:01
cvelist
cvelist
CVE-2019-5739
2019-03-28 16:27:34
ibm
ibm
nessus
nessus
openSUSE Security Update : nodejs6 (openSUSE-2019-1173)
2019-04-09 00:00:00
openSUSE Security Update : nodejs4 (openSUSE-2019-1076)
2019-03-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:0658-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for nodejs6 (openSUSE-SU-2019:1173-1)
2019-04-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0818-1)
2021-06-09 00:00:00
suse
suse
Security update for nodejs4 (moderate)
2019-03-28 00:00:00
Security update for nodejs6 (moderate)
2019-04-08 00:00:00
freebsd
freebsd
Node.js -- multiple vulnerabilities
2019-02-28 00:00:00
nodejsblog
nodejsblog
February 2019 Security Releases
2019-02-28 00:00:00
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2019-09-15 16:24:16
gentoo
gentoo
Node.js: Multiple vulnerabilities
2020-03-20 00:00:00