Node.js prior to 4.8.5, 6.x prior to 6.11.5, and 8.x prior to 8.8.0 allows remote malicious users to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nodejs node.js 4.8.3 |
||
nodejs node.js 4.8.4 |
||
nodejs node.js 6.10.2 |
||
nodejs node.js 6.10.3 |
||
nodejs node.js 8.3.0 |
||
nodejs node.js 8.4.0 |
||
nodejs node.js 8.5.0 |
||
nodejs node.js 8.6.0 |
||
nodejs node.js 6.11.1 |
||
nodejs node.js 6.11.3 |
||
nodejs node.js 8.1.2 |
||
nodejs node.js 8.1.4 |
||
nodejs node.js 8.2.1 |
||
nodejs node.js 8.7.0 |
||
nodejs node.js 6.11.4 |
||
nodejs node.js 8.0.0 |
||
nodejs node.js 8.1.0 |
||
nodejs node.js 8.1.1 |
||
nodejs node.js 4.8.2 |
||
nodejs node.js 6.11.0 |
||
nodejs node.js 6.11.2 |
||
nodejs node.js 8.1.3 |
||
nodejs node.js 8.2.0 |