CVE-2017-14919
CVE-2017-14919CVE-2017-14919
nodejs / node.js
Description
Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter.
Scoring
| CVSS | 7.5 () |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Last modified | 2026-07-14 |