{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-07-25T00:00:00", "descriptions": [{"lang": "en", "value": "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-06T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "99959", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99959"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/"}, {"name": "RHSA-2017:3002", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3002"}, {"name": "RHSA-2017:2908", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2908"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-11499", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "99959", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99959"}, {"name": "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/", "refsource": "CONFIRM", "url": "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/"}, {"name": "RHSA-2017:3002", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3002"}, {"name": "RHSA-2017:2908", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2908"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-11499", "datePublished": "2017-07-25T13:00:00", "dateReserved": "2017-07-20T00:00:00", "dateUpdated": "2017-12-06T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0390D600-532D-4675-95BB-10EC4E06F3E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "35AAF7CD-9AE6-4A4B-858E-4B17031BD058", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DCB6010-AC31-4B61-9DA6-E119ADC5D70B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5364365-36F1-49C0-BF8D-2D5054BC7B1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0740684D-989A-4957-8AC1-AAB01A04E393", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "08C97202-6AEC-4B8D-B3F6-49F6AEF9CFD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7EFA073A-9AC2-4162-9DDA-B6CD0AE53D3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "4F8FD4B3-D515-486A-94A3-29CBDA2E25CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "55E18631-9502-42CC-A85A-EA5742FDC317", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "4CCBC213-1524-4C88-9EB3-52E003070A3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "C928FB55-2F33-4458-8484-4010AE8883A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CEEFA5F-2B32-4CA0-84AD-E0ECA0F81078", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4754B0A8-A7D7-41A1-BFE5-10D84E7CEC1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D132104E-163C-47EE-B247-578D64AC88D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E208FB1-A772-4002-BD56-3360BDDFEF37", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "14BE6C0B-E6EC-4CD2-912B-45DE9F94BA59", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "714EBE27-F0D0-4B2E-90E1-4C73DF7FAA81", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0BE8859F-1EBE-4B9A-A5ED-7FA63D68C947", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "1249AA75-5676-4AFC-99B4-A59DC9BE1F33", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E875B302-1923-40AF-B956-A063714BBA9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "10940F9C-6671-4C0D-89F9-6111A44FA74D", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "5F031F09-0AF1-4825-8C8C-AC5A65119E92", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "413C8F30-5B76-49D6-95C2-E62FC34911EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CA03990-23A0-4D9E-A46C-39E4C214CDA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "89B156BD-1465-4758-A767-5D1377FD9B1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "E7AF4AFE-14E3-4264-84BB-45B9CDB6D363", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "39233953-4ADE-49D7-95E8-0199008375E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "002CF669-688A-40D3-9576-17ABFB17DE4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "B3D6AF6A-5B1A-46DE-B03D-DDEB69B86F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "F29C7E8C-8C0B-4B44-A178-5C31D9B1F3A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "EB5573D5-6792-472E-943C-582C104A9266", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "1AC50639-CD44-408B-98C2-20A6D71C454B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "85C38CBB-154F-4842-B783-86DE1700A59C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:4.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "E4A52ABF-EAB6-4B14-8DF2-49E0D93F0737", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "64F7E56E-CA65-47C3-9ADA-F13A834D3961", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "183A5888-01C5-4977-9C66-1467FFA6D457", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F811E8BB-F1C8-43BE-BEAD-FC4FE122ABEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "FEDE8D29-7C15-44D1-8D5C-0E438D9DE029", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0DCA3C10-FB37-4256-812A-EB8A3A095E6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "54197CC5-9C7D-4DCE-A60F-625DE246E5A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6173A6E4-F472-46CF-9762-6F3CAAFD9C3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4C25A52-E3C0-4429-AB96-1E33523E51D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "590070D6-198A-456E-A55D-D0B06DD3FF8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "46FCC5E2-1106-4153-B8C6-5E9594735529", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "56778D45-8B99-406D-BE97-034D3A29F32E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0C7E2F2-8C41-4F3B-848A-144DCA30FC69", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "11778EAE-5DCD-4D4E-807B-FD3C0DC47BE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C203335-0CB9-4B38-80C1-344607FFAE29", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D70C084-6B75-401B-9F52-B3E2B5060FEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "85D0381B-EECC-49E9-A43E-9877226FAFF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C5C5E18-2613-4851-953F-6773886A908F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "2478B4BA-703D-45BD-9B59-713AEDEDB14F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:5.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "8AB33415-8446-43C6-9D1B-DF0D6BF8D0EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5A53CB0E-3FBA-4796-BC81-6003A7DC29DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4F3F415-CD69-4E19-A4F9-3673D2907932", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "758E9981-966B-4BB5-8982-183683C76228", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD05686C-E548-43CB-81C1-5AE3E3E5ECBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1FAA74-207E-4E37-90F7-75202ED64E37", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F747352F-DFE4-45C3-9806-CBDC1E4A64E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E144BC9-0D69-4C9B-9AF0-D7730F1719EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "82EA5976-2268-4FF3-BE6A-5680D45073E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E85F98DB-A43D-47C0-B271-0E25DCF0EA65", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "94E82A49-5897-43D4-8EF7-F743B8B909E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "083FA7D0-5707-4B87-955A-5C75E416715A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "06A96BD0-0922-4E96-BE72-0FB39D6C139F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "58A8B882-F8A2-4D11-B9C9-F02227661BA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "02AA2065-D99B-4805-BD30-63CC42B07264", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "612507E3-84F7-4343-8F8F-156BF96B1535", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "A053FD13-3912-45D3-BBFF-A29415675B4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "5406D0BF-7AA8-49A1-A712-A78D0E5A4AB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "80F53DBB-AE67-47DF-81AF-3E697D099EB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "6E72FD09-9C0F-4685-83CE-A60823208169", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B889EF50-8C17-48B1-8D79-BFBB69E0E808", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "6A16A6C5-170F-48D2-A9B4-F64CCC436E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "96903DD4-70B8-4F30-AE8D-B5BF4235EC93", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "F99F1B8C-B2A2-46F0-A46B-543876382BD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D4E9F52-DAAA-4E7E-B37A-A8612DDF6717", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:6.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "33314D49-3EDD-458F-9DC6-71AC0C1BF2D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B6335D5-4A9B-425E-BEE2-F79BE4B07F6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC03B878-CC9F-4E5B-98FF-89302D1A14C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "85A26147-1A40-40BA-A31A-1D3E3C12B25A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ADF5735F-9BDC-4F99-8E5F-EE2BA0946B1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "726FC696-439B-49FD-AD83-E8E0808A877E", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6876765D-5936-49D2-ACCC-DFBAD2ADC7AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "531E6D2A-80F5-4E61-9F94-20C52EF51C33", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "89DB06D6-94B8-47B4-A63B-678866B6CF91", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "127BC110-BCB3-4EF5-918B-487AA953DAD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "FD59683C-71B8-40B1-8F63-6C615D1F24C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "46ABF6BA-B4EE-4E43-9D53-A088ED8B5C66", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "70CF83FA-1E27-462D-9669-BCF4EA2B112C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "BCAB616B-F595-4B96-960F-F0693BFE5AAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF65EA06-835C-4CC6-92D4-B457C4EADD43", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "53E256FD-DC14-4507-9070-32940032FE7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "1A7C28EC-2D0F-4146-A495-44B5C63571C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:7.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B0ABD2F-2130-40BD-B008-095AB6A93BBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "710CFCCF-7086-472E-90A9-ACE36A8F8AF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:8.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E35B2D35-798E-4186-8C17-4AC717777668", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC765BA6-CDB8-4C3B-9D23-64996F38027A", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:8.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B35BB2AB-7E3E-450D-A135-A0A8020F0BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:nodejs:node.js:8.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1A710334-6ADA-4BF3-A4A8-F1EF1CC07674", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js. This was a result of building with V8 snapshots enabled by default which caused the initially randomized seed to be overwritten on startup."}, {"lang": "es", "value": "Node.js versi\u00f3n v4.0 hasta v4.8.3, todas las versiones de v5.x, versi\u00f3n v6.0 hasta v6.11.0, versi\u00f3n v7.0 hasta v7.10.0, y versi\u00f3n v8.0 hasta v8.1.3, fue susceptible a ataques DoS remotos de inundaci\u00f3n de hash ya que el seed HashTable fue constante en una versi\u00f3n dada de Node.js. Esto fue el resultado de la compilaci\u00f3n con instant\u00e1neas V8 habilitadas por defecto, lo que caus\u00f3 que el seed aleatorizado inicialmente se sobrescribiera en el arranque."}], "id": "CVE-2017-11499", "lastModified": "2017-12-07T02:29:12.883", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-25T13:29:00.177", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99959"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:2908"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:3002"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}