CNNVD-202601-3181 Information
Jan 20, 2026
cve
CNNVD ID
CNNVD-202601-3181
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
Node.js是Node.js开源的一个开源、跨平台的 JavaScript 运行时环境。 Node.js存在安全漏洞,该漏洞源于处理畸形的HTTP/2 HEADERS帧时触发未处理的TLSSocket错误,可能导致进程崩溃和远程拒绝服务。
Description (English)
Node.js is an open-source, cross-platform JavaScript running environment for Node.js. There is a security loophole in Node.js, which stems from the handling of the deformed HTTP/2 HEADERS frame that triggers the unprocessed TLSOCKet error, which could lead to the collapse of the process and the remote denial of services.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Node.js
Published
2026-01-20
Last Modified
2026-02-24
References
https://nodejs.org/en/blog/vulnerability/december-2025-security-releases
Patch
https://nodejs.org/en/blog/vulnerability/december-2025-security-releases
Share on: