Skip to main content

Node.js Multiple Vulnerabilities

Last Update Date: 12 Dec 2018 10:37 Release Date: 12 Dec 2018 4805 Views

RISK: Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

Multiple vulnerabilities have been identified in Node.js, a remote attacker can exploit these vulnerabilities to trigger elevation of privilege, remote code execution and denial of service on the targeted system.


Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • Version prior to Node.js 11.3.0 (Current)
  • Version prior to Node.js 10.14.0 (LTS "Dubnium")
  • Version prior to Node.js 8.14.0 (LTS "Carbon")
  • Version prior to Node.js 6.15.0 (LTS "Boron")

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

    Update to version:
  • Node.js 11.3.0 (Current)
  • Node.js 10.14.0 (LTS "Dubnium")
  • Node.js 8.14.0 (LTS "Carbon")
  • Node.js 6.15.0 (LTS "Boron")

Vulnerability Identifier


Source


Related Link