Can Node.JS support confirm Node.JS v16 or lower version without using http2 will be exploitable to CVE-2023-44487 (HTTP2 exploited for DDoS attack)? #51055

johncywu · 2023-12-05T08:28:28Z

johncywu
Dec 5, 2023

If my application running on Node.JS v16 or lower without using http2 module, will it still be exploitable to CVE-2023-44487 (HTTP2 exploited for DDoS attack)?
Is there any official support from Node.JS can confirm this?

Answered by RedYetiDev

Jun 26, 2024

This version of Node.js is EoL. If you are able to find a similar issue, please post a new issue/discussion.

View full answer

RedYetiDev · 2024-06-26T03:44:57Z

RedYetiDev
Jun 26, 2024
Collaborator

This version of Node.js is EoL. If you are able to find a similar issue, please post a new issue/discussion.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Node.js

Can Node.JS support confirm Node.JS v16 or lower version without using http2 will be exploitable to CVE-2023-44487 (HTTP2 exploited for DDoS attack)? #51055

{{title}}

Replies: 1 comment

{{title}}

Select a reply

Node.js

Can Node.JS support confirm Node.JS v16 or lower version without using http2 will be exploitable to CVE-2023-44487 (HTTP2 exploited for DDoS attack)? #51055

johncywu Dec 5, 2023

Replies: 1 comment

RedYetiDev Jun 26, 2024 Collaborator

johncywu
Dec 5, 2023

RedYetiDev
Jun 26, 2024
Collaborator