Suse » Suse Openstack Cloud » 8 : Security Vulnerabilities, CVEs,

cpe:2.3:o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*

CVE-2018-12122

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Max CVSS
7.5
EPSS Score
1.80%
Published
2018-11-28
Updated
2022-09-06

CVE-2018-12116

Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
Max CVSS
7.5
EPSS Score
0.12%
Published
2018-11-28
Updated
2022-08-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close