Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml +++ security/vuxml/vuln.xml @@ -58,6 +58,40 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + Node.js -- remote DOS security vulnerability + + + node + 8.8.0 + + + node6 + 6.10.26.11.5 + + + node4 + 4.8.24.8.5 + + + + +

Node.js reports:

+
Node.js was susceptible to a remote DoS attack due to a change that came in as part of zlib v1.2.9. In zlib v1.2.9 8 became an invalid value for the windowBits parameter and Node's zlib module will crash or throw an exception (depending on the version)
+

+ + + + https://nodejs.org/en/blog/vulnerability/oct-2017-dos/ + CVE-2017-14919 + + + 2017-10-17 + 2017-10-25 + + + GitLab -- multiple vulnerabilities