Node.js is vulnerable to hash flooding. Install security updates now! https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/ …
Here’s how hash flooding attacks work:
-
-
Thank you for the explanation! Is there a PoC script to test it anywhere? I wonder what makes a server affected / not to this vulnerability
-
All unpatched Node.js versions are affected. The linked blog post explains the cause nicely, IMHO:pic.twitter.com/Ftt2Il57sC
- 3 more replies
New conversation -
-
-
Check out
@hashseed’s write-up for more details: https://v8project.blogspot.com/2017/08/about-that-hash-flooding-vulnerability.html …Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.