oss-sec mailing list archives
CVE Request: Node.js HTTP Pipelining DoS
From: Jonathan Rudenberg <jonathan () titanous com>
Date: Sat, 19 Oct 2013 11:43:51 -0400
Node.js is vulnerable to DoS when a client sends too many pipelined HTTP requests. Links: https://groups.google.com/forum/#!topic/nodejs/NEbweYB0ei0 http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/ http://blog.nodejs.org/2013/10/18/node-v0-8-26-maintenance/ https://github.com/joyent/node/issues/6214 https://github.com/joyent/node/commit/085dd30e93da67362f044ad1b3b6b2d997064692 This issue affects all versions of Node released before 0.10.21 and 0.8.26.
Current thread:
- CVE Request: Node.js HTTP Pipelining DoS Jonathan Rudenberg (Oct 19)
- Re: CVE Request: Node.js HTTP Pipelining DoS Kurt Seifried (Oct 19)