VYPR

deb package

ubuntu/nodejs

pkg:deb/ubuntu/nodejs

Vulnerabilities (2)

  • CVE-2024-22019Feb 20, 2024
    affected >= 0

    A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of li

  • CVE-2024-21892Feb 20, 2024
    affected >= 0

    On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrec