Node.js is vulnerable to hash flooding. Install security updates now! https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/ …
Here’s how hash flooding attacks work:
-
-
This attack is possible when the attacker knows the hashing function (duh, open source) and the hashing seed used on the server (whoops!).
-
Thank you for the explanation! Is there a PoC script to test it anywhere? I wonder what makes a server affected / not to this vulnerability
- 4 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.