U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Security Updates for Node.js and io.js

Original release date: July 06, 2015

Networking applications using Node.js or io.js contain a vulnerability in the V8 JavaScript engine. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • node.js-v0.12.6
  • io.js-v2.2.3
  • io.js-v1.8.3

Users and administrators are encouraged to review Node.js Blogpost for v0.12.6 and io.js ChangeLogs for v2.3.3 and v1.8.3 and apply the update.

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top