Oval Definition:	oval:com.ubuntu.xenial:def:201871640000000
Revision Date: 2018-06-13 Version: 1 Title: CVE-2018-7164 on Ubuntu 16.04 LTS (xenial) - medium. Description: Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-7164 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information NOT nodejs package in xenial, while related to the CVE in some way, is not affected (note: 'code not present'). OR NOT nodejs-legacy package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
BACK