ByteBrief

Best read upright.

We're a portrait publication through and through. Turn your phone back and your briefing picks up right where you left it.

(We tried widescreen once. It wasn't us.)

ByteBrief

SecurityNode.js Blogover 12 years ago

DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)

1 min read

Node.js patched a denial-of-service vulnerability in versions 0.8.26 and 0.10.21. The attack exploits pipelined HTTP requests without reading responses, exhausting server resources. The fix pauses the socket and HTTP parser during drain events. nginx can mitigate the flaw; HAProxy in raw TCP mode cannot.

Level

Hype check

Tap to vote and see what everyone thinks.

#node.js #security #denial-of-service

Best read upright.

DoS Vulnerability (fixed in Node v0.8.26 and v0.10.21)

More to chew on!

More to chew on!