1
Candidate: CVE-2018-7164
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7164
5
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/#memory-exhaustion-dos-on-v9-x-cve-2018-7164
6
https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/
8
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity
9
is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when
10
reading from the network into JavaScript using the net.Socket object
11
directly as a stream. An attacker could use this cause a denial of service
12
by sending tiny chunks of data in short succession. This vulnerability was
13
restored by reverting to the prior behaviour.
23
upstream_nodejs: needs-triage
24
precise/esm_nodejs: DNE
25
trusty_nodejs: needs-triage
26
xenial_nodejs: needs-triage
27
artful_nodejs: needs-triage
28
bionic_nodejs: needs-triage
29
devel_nodejs: needs-triage