HTTP Denial of Service Vulnerability Found in Node.js 4.x and io.js 3.x
Security Update : There’s an HTTP Denial of Service (DoS) vulnerability in Node.js and io.js, which the team plans to fix on Monday, October 5.
The announcement was made on Node’s Security Google Group by Rod Vagg, developer at NodeSource and one of Node’s main overseers.
According to Rod’s security disclosure, the bug only affects recent versions of Node.js and io.js. More specifically, these are Node.js 4.0.0, 4.1.0, and 4.1.1, along with all io.js 3.x versions.
Other iterations like… (read more)