VYPR
High severity7.5NVD Advisory· Published Jan 2, 2016· Updated Jun 17, 2026

CVE-2015-8027

CVE-2015-8027

Description

Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (uncaughtException and service outage) via a pipelined HTTP request.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15
  • Node.js/Node.js15 versions
    cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:nodejs:node.js:0.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.4:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.6:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.7:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:0.12.8:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*
    • (no CPE)range: 0.12.x <0.12.9, 4.x <4.2.3, 5.x <5.1.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.