A Node.js application that allows an malicious user to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nodejs node.js |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
oracle graalvm 19.3.4 |
||
oracle graalvm 20.3.0 |
||
oracle retail xstore point of service 16.0.6 |
||
oracle retail xstore point of service 17.0.4 |
||
oracle retail xstore point of service 18.0.3 |
||
oracle retail xstore point of service 19.0.2 |
||
oracle jd edwards enterpriseone tools |
||
oracle mysql cluster |
||
oracle blockchain platform |
||
c-ares project c-ares |