Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202505-8 - log back

ASA-202505-8 edited at 20 May 2025 19:18:50

ASA-202505-8 edited at 18 May 2025 23:52:22

Impact

+

A remote attacker can exploit multiple vulnerabilities in Node.js to cause a denial of service or bypass access restrictions. Improper error handling and memory management flaws may crash the process or lead to unbounded memory usage, while an HTTP parsing inconsistency in Node.js 20.x can enable request smuggling, allowing attackers to evade proxy-based access controls and submit unauthorized requests.

ASA-202505-8 created at 18 May 2025 23:47:41