June 23, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
ICS: Multiple Siemens Products Vulnerabilities
June 19, 2024
Multiple IBM Products Vulnerabilities
June 19, 2024
ICS: Multiple Siemens Products Vulnerabilities
June 19, 2024
Multiple IBM Products Vulnerabilities
June 19, 2024
Severity
High
Analysis Summary
CVE-2024-37890
Node.js ws module is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending a specially crafted request with multiple HTTP headers, a remote attacker could exploit this vulnerability to cause the server to crash.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-37890
Affected Vendors
Node.js
Affected Products
- NPM ws 7.0.0
- NPM ws 5.0.0
- NPM ws 6.0.0
- NPM ws 2.0.0
Remediation
Upgrade to the latest version of ws, available from the Ws GIT Repository.