DescriptionNode.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2016:0138-1, published Fri, 15 Jan 2016 19:14:14 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE 13.1|| ||Patchnames:
|openSUSE Leap 42.1|| ||Patchnames: