CVE-2013-4450

Published: Oct 21, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://kb.juniper.net/JSA10783

x_refsource_CONFIRM

RHSA-2013:1842

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:1863

vendor-advisory

x_refsource_SUSE

[oss-security] 20131019 Re: CVE Request: Node.js HTTP Pipelining DoS

mailing-list

x_refsource_MLIST

63229

vdb-entry

x_refsource_BID

http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/

x_refsource_CONFIRM

http://blog.nodejs.org/2013/10/18/node-v0-8-26-maintenance/

x_refsource_CONFIRM

https://github.com/rapid7/metasploit-framework/pull/2548

x_refsource_MISC

https://groups.google.com/forum/#%21topic/nodejs/NEbweYB0ei0

x_refsource_MISC

https://github.com/joyent/node/issues/6214

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4450

Description

Affected Products

References