← Back to CVE List

CVE-2021-22883

Published: 2021-03-03T18:15Z
Last Modified: 2024-11-21T05:50Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt