Java Buzz Forum - Node.js discloses two critical security vulnerabilities

Articles |
News |
Weblogs |
Books |
Forums

Artima Forums | Articles | Weblogs | Java Answers | News

Sponsored Link •

Java Buzz Forum
Node.js discloses two critical security vulnerabilities

0 replies on 1 page.

Welcome Guest
Sign In

Back to Topic List

Reply to this Topic

Search Forum

Threaded View


Previous Topic		Next Topic

Flat View: This topic has 0 replies on 1 page

News Manager

Posts: 47623
Nickname: newsman
Registered: Apr, 2003

News Manager is the force behind the news at Artima.com.

Node.js discloses two critical security vulnerabilities

Posted: Dec 1, 2015 2:16 PM

This post originated from an RSS feed registered with Java Buzz by News Manager.
Original Post: Node.js discloses two critical security vulnerabilities Feed Title: JavaWorld Feed URL: http://www.javaworld.com/index.rss Feed Description: JavaWorld.com: Fueling Innovation	Latest Java Buzz Posts Latest Java Buzz Posts by News Manager Latest Posts From JavaWorld

Node.js is facing two security vulnerabilities, including a potentially major denial-of-service issue, with patches for the problems not available for a week. Releases of Node.js ranging from 0.12 to version 5 are vulnerable to one or both issues.

A bulletin issued today by the Node.js Foundation, which has jurisdiction over the popular server-side JavaScript platform, covers "a high-impact denial-of-service vulnerability" and a "low-impact V8 out-of-bounds access vulnerability." V8 is the Google-developed JavaScript engine leveraged by Node.js. Officially, the DoS issue is labeled as CVE (Common Vulnerabilities and Exposures) 2015-8027, while the access problem is identified as CVE-2015-6764.

To read this article in full or to leave a comment, please click here

Read: Node.js discloses two critical security vulnerabilities

Previous Topic

Next Topic


	Web Artima.com