CVE-2018-12122 vulnerability in Joyent and Other Products
Published on November 28, 2018
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service (DoS) by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time.
Weakness Type
What is a Resource Exhaustion Vulnerability?
The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
CVE-2018-12122 has been classified to as a Resource Exhaustion vulnerability or weakness.
Products Associated with CVE-2018-12122
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-12122 are published in these products:
Affected Versions
The Node.js Project Node.js Version All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0 is affected by CVE-2018-12122Exploit Probability
EPSS
3.64%
Percentile
87.63%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.