What the vulnerability does
01Description
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
CVSS base score
—
Key dates
02Disclosure timeline
September 18, 2020
CVE published
April 30, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-42400 Uncontrolled Resource Consumption in Kibana Leading to Denial of Service
CVE-2018-15383 Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability
CVE-2026-22541 DENIAL OF SERVICE VIA ICMP PACKETS
CVE-2021-31409 Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
CVE-2025-27081 HPE NonStop OSM Service Connection Suite, Denial of Service vulnerability
