Rewterz Threat Advisory – Multiple IBM Flash System And Standards Processing Engine Vulnerabilities
October 22, 2021Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
October 22, 2021Rewterz Threat Advisory – Multiple IBM Flash System And Standards Processing Engine Vulnerabilities
October 22, 2021Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
October 22, 2021Severity
Medium
Analysis Summary
CVE-2021-41167
Node.js modern-async module is vulnerable to a denial of service, caused by not limit the number of requests by the forEachSeries and forEachLimit functions. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause a denial of service condition.
Impact
- Denial of Services
Affected Vendors
Node.js
Affected Products
- Node.js modern-async 1.0.3
Remediation
Upgrade to the latest version of modern-async, available from the modern-async GIT Repository.