VYPR
Unrated severityNVD Advisory· Published Nov 28, 2018· Updated Dec 27, 2024

CVE-2018-12121

CVE-2018-12121

Description

Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers (almost 80 KB per connection), and carefully timed completion of the headers, it is possible to cause the HTTP server to abort from heap allocation failure. Attack potential is mitigated by the use of a load balancer or other proxy layer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

23

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.