MGASA-2014-0007

Advisory lineage Upstream: 3 Downstream: 0

Upstream

CVE-2013-4450 CVE-2013-6639 CVE-2013-6640

Published: 06 Jan 2014, 01:20

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Jan 2014, 01:20

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated nodejs package fixes security vulnerabilities A denial of service flaw was found in the way Node.js handled pipelined HTTP requests. A remote attacker could use this flaw to send an excessive amount of HTTP requests over a network connection, causing Node.js to use an excessive amount of memory and possibly exit when all available memory is exhausted (CVE-2013-4450). Denial of service issues in the bundled v8 JavaScript library (CVE-2013-6639, CVE-2013-6640).

Affected Systems

mageia•nodejs
< 0.10.24-1.mga3

MGASA-2014-0007

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)